DTMark
0
Maybe this is just a personal bugbear of mine.. (I seem to have a few of those)
When you sign up for an account or service, typically, you're asked for a password reminder question and answer.
Helpful to recover your information and prove that you are who you say you are, and worthwhile, should you forget your access details.
What bugs me is when you have to choose from a specific list of questions and supply an answer.
And, if anyone were even faintly determined to "crack" your account, they wouldn't have very much difficulty in doing so.
Examples:
Favourite teacher
First car
Favourite author
Street where you grew up
City you were born in
.. and so on. There is no "Set your own question" option.
Anyone who knows anything about you - whether through a personal connection, looking at your internet postings, etc., can crack any one of these fairly easily.
You and I might know better here and pick any one of those, and supply an answer which doesn't pertain to the question.
However I suspect many users follow the instructions and happily use one of the pre-supplied options and supply the answer.
This arguably makes the account less, not more, secure. Now that identity theft is becoming a big issue, I think that some people are going to find their account security breached in this manner.
That drop down list of questions seems like a good idea, but, I suspect, two plain text boxes into which you supply the Q and the A would be more secure and the pre-supplied ones need consigning to the bin.
When you sign up for an account or service, typically, you're asked for a password reminder question and answer.
Helpful to recover your information and prove that you are who you say you are, and worthwhile, should you forget your access details.
What bugs me is when you have to choose from a specific list of questions and supply an answer.
And, if anyone were even faintly determined to "crack" your account, they wouldn't have very much difficulty in doing so.
Examples:
Favourite teacher
First car
Favourite author
Street where you grew up
City you were born in
.. and so on. There is no "Set your own question" option.
Anyone who knows anything about you - whether through a personal connection, looking at your internet postings, etc., can crack any one of these fairly easily.
You and I might know better here and pick any one of those, and supply an answer which doesn't pertain to the question.
However I suspect many users follow the instructions and happily use one of the pre-supplied options and supply the answer.
This arguably makes the account less, not more, secure. Now that identity theft is becoming a big issue, I think that some people are going to find their account security breached in this manner.
That drop down list of questions seems like a good idea, but, I suspect, two plain text boxes into which you supply the Q and the A would be more secure and the pre-supplied ones need consigning to the bin.























