The thing that always really struck me about those security questions is that basically all of them are information a pissed-off ex would be likely to have. O.o
Not to mention the answers to most default “security” questions are easily obtainable by anyone with access to Google and your name. I still chuckle when I see government and university websites using this system, which really only serves to punish forgetful users and amuse hackers. Especially the university websites. I’m paying a mountain of money for you to have such a lazy cybersecurity system?!
Bonus points if said system doesn’t let you write your own questions.
Ah yes, two-factor authentication. It’s supposed to be something you know, and something you have (e.g. password and your phone).
For some reason, many websites think “something you know, and something else you know” counts, when it really, really doesn’t, especially when it’s “something most people who know you would also know” as Azkyroth pointed out.
I named my first pet after the first street I lived on, which was also my mother’s maiden name. That’s totally safe, right? It’s a 4-letter name, so I can use it as my bank PIN too.
Thats… genius.
And you have to pick a name with 6 to 14 characters.
I lied when answering my banking security questions.
Ssh!! Nobody tell them.
Phonetically pronounced “Flat Fee”
The thing that always really struck me about those security questions is that basically all of them are information a pissed-off ex would be likely to have. O.o
Not to mention the answers to most default “security” questions are easily obtainable by anyone with access to Google and your name. I still chuckle when I see government and university websites using this system, which really only serves to punish forgetful users and amuse hackers. Especially the university websites. I’m paying a mountain of money for you to have such a lazy cybersecurity system?!
Bonus points if said system doesn’t let you write your own questions.
Ah yes, two-factor authentication. It’s supposed to be something you know, and something you have (e.g. password and your phone).
For some reason, many websites think “something you know, and something else you know” counts, when it really, really doesn’t, especially when it’s “something most people who know you would also know” as Azkyroth pointed out.
*gasp* So two-factor authentication doesn’t mean two different ways you can choose either of?! Like a logical or?
I named my first pet after the first street I lived on, which was also my mother’s maiden name. That’s totally safe, right? It’s a 4-letter name, so I can use it as my bank PIN too.
Sounds pretty safe.