Can we please outlaw mandatory security questions from a pre-selected list that can be used to reset your password???
-
Can we please outlaw mandatory security questions from a pre-selected list that can be used to reset your password???
-
@Techaltar Bonus Points when the answer to a bunch of those are on the public record.
-
@PatrickoftheG As a public person, basically all of them can be found out about me with 30 seconds of Googling...
-
Bonus points: this is for a payment service, so really something you wouldn't want a rando to reset...
-
@Techaltar Security questions should just generally not be a concept at all anymore. We've long moved past needing this kind of "two-factor" or backup authentication method.
At least I can just throw another generated password in there for now.
-
@ksawatsky yeah literally what I did, haha
-
@Techaltar In the interim (if any companies actually decide to let us write our own security questions), you can just use a random password generator or something to make a totally nonsense string of characters, then store it in whatever password manager you use so no one could realistically get the correct answer. It's annoying, but it works (assuming the response field doesn't require you to only use certain characters or write it in a specific format).
-
@Techaltar I remember how amazed I was when I heard that some people answer these questions truthfully! Nooooooo.
-
@Techaltar now I'm just filling it with a random password that goes in the same vault as the master password...
