Y
Hacker News
new
|
ask
|
show
|
jobs
by
ncallaway
1882 days ago
Security questions are typically stored with a reversible encryption so they can be used by CS agents.
Security questions are not a password.
2 comments
MereInterest
1882 days ago
Which is why security questions are a horrible idea. What good does it do to have your nicely salted and hashed password when the answers to the security questions are available in plain text and get you access to the account.
link
tinus_hn
1882 days ago
They are just equivalent to a password, as knowing the answers allows you to reset the password.
link