For people who ever thought that "what was your first pet's name?" is a lousy way to keep intruders from resetting your password, there is now some evidence to back up your suspicions
Tech giant says password questions aren't really secure
In most cases, your answers are straightforward enough for attackers to stand a decent chance of getting them right in 10 guesses or less.
Google has just published research showing that security questions aren't that secure at all.
And using bogus answers to throw people off, doesn't work either. Many of those who use this strategy use common words therefore making it easier for someone to get in.
So what's the alternative, then?
Google doesn't believe that multiple security questions is the way, since that increases the possibility that you'll forget at least one answer and lock yourself out.
Instead, websites are better off using SMS-based reset codes, alternate email addresses and other methods that attackers can't just simply crack with a good guess.
Thankfully, big sites like Google already do this - the big challenge is getting your favorite store or social network to follow in this manner.
JOIN OUR PULSE COMMUNITY!
Eyewitness? Submit your stories now via social or: