Well, not quite. Since lots and lots of sites are doing this, I've got two main choices:
- Use the same small set of questions and answers everywhere.
- Use different questions and/or answers.
Using the same everywhere means not having to remember as much. If I make up a bunch of answers and/or use different ones everywhere, then I have to remember what I made up. Basically, I'm up against the exact same problem as with passwords themselves, except now there are two weak spots for attackers to exploit: My actual password, and the questions guarding my password.
Of the two the password is probably a bit more secure, assuming I haven't used one of the 500 worst passwords of all time (unfortunately, some people seem to confuse scatology with security). City of birth? There's a good chance it's one of the top 100. Mother's maiden name? Not exactly classified information. First dog's name? There are a lot of Maxes and Buddies out there.
Now I'd say most sites don't let you reset a password directly. Typically they'll email some gibberish to the address you registered with and you use that to log in and reset the password for real. But in that case, why bother with the rigmarole? Whatever real security there is comes from putting email in the loop.
All in all, it's a classic example of a more complex system looking more secure than a simple one, but actually being less secure.
2 comments:
re, the worst 500: I was surprised not to find "friend," and "42".
For better or worse, not everyone reads Tolkien and Adams.
Post a Comment