reply to antdude
Re: Secret Security Questions Are a Joke my thinking is that the problem with "security questions" is that they are less secure than passwords since, a lot of times, the security questions ask you for personal information that can be dug up, like "what street did you live on when you were a child?" "what is your mother's maiden name?".. so, i use bogus information for those types of security questions..
one time, when i had a problem with my yahoo account, instead of giving me security questions to answer, they told me to tell them what the security questions were, as well as the answers.. i couldn't tell them what the security questions were but said that if they would tell me what the security questions were then i would provide the answers, but they refused to tell me what the security questions were.. uhg!
SnowymIRC unix.ro UnderNetPremiumReviews:
said by redwolfe_98:The 'what are your questions' challenge was an easy way to harden a weak verification routine with data that was already there.
one time, when i had a problem with my yahoo account, instead of giving me security questions to answer, they told me to tell them what the security questions were, as well as the answers..
I had the same problem with not knowing the questions because it wasn't necessary to remember them when they were set.
I don't know of any service provider that adopted this extra challenge that actually informed it's users of the change.
What's even more fun is when the site security admins expect you to remember not only the answer to the security question you provided, but the question itself.
I had a particular law enforcement site that required me to call in to to replace an expired password. the admin asked me "What is your security question and answer?"
That one took a little time but I finally guessed the right question, and provided the right answer.