by AlexandrB 4306 days ago
Not only is it insecure, but in some cases intensely user unfriendly. I used to put real answers in these until I realized even if I remembered the answer I could never recall the exact string I used.

A common example: "Name of first car?"

So was that "Neon"? or "Dodge Neon"? or "Blue Neon"? or maybe "neon"? or "1991 Dodge Neon"?

Security questions are basically a secondary password masquerading as something else. But because they are not called a password, the expectations on their character-wise-correctness are not clear to a layman. I find the continued proliferation of security questions baffling, especially when some sites call password + security question "two factor authentication".
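
An added example, not part of the comment above: it treats a security answer as the secondary password the comment describes, stores it as a salted PBKDF2 hash, and checks which of the listed variants still verify with and without normalization. The function names, iteration count and normalization rules are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import unicodedata

# Constructed sample data: the answer variants listed in the comment.
VARIANTS = ["Neon", "Dodge Neon", "Blue Neon", "neon", "1991 Dodge Neon"]
ITERATIONS = 100_000  # assumed work factor, for illustration only


def normalize(answer: str) -> str:
    """Fold Unicode form, case and whitespace; wording differences remain."""
    folded = unicodedata.normalize("NFKC", answer).casefold()
    return " ".join(folded.split())


def _digest(answer: str, salt: bytes, normalized: bool) -> bytes:
    material = normalize(answer) if normalized else answer
    return hashlib.pbkdf2_hmac("sha256", material.encode("utf-8"), salt, ITERATIONS)


def enroll(answer: str, *, normalized: bool) -> tuple[bytes, bytes]:
    """Store the answer like a password: random salt plus slow hash."""
    salt = os.urandom(16)
    return salt, _digest(answer, salt, normalized)


def verify(record: tuple[bytes, bytes], attempt: str, *, normalized: bool) -> bool:
    """Constant-time comparison of the attempt against the stored digest."""
    salt, stored = record
    return hmac.compare_digest(_digest(attempt, salt, normalized), stored)


def accepted_variants(enrolled: str, *, normalized: bool) -> list[str]:
    """Return the variants a user might type later that would still verify."""
    record = enroll(enrolled, normalized=normalized)
    return [v for v in VARIANTS if verify(record, v, normalized=normalized)]


if __name__ == "__main__":
    for mode in (False, True):
        print("normalized" if mode else "exact", accepted_variants("Neon", normalized=mode))
```

Normalization recovers only the case variant; the wording variants hash to unrelated digests, so the stored answer behaves like a password the user was never told to remember exactly.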