We’ve all answered them: Mother’s maiden name, first school you attended, make of your first car, favorite pet’s name, and so forth. The idea makes sense: ask a question to which only you (and a few people close to you) know the answer, as a way of verifying that it’s really you logging into your banking site or credit card site.
The problem is that we now live in a social media dominated, share-everything society where the answers to those common questions can often be found in minutes by someone who is skilled at searching the web. How many of us babble on about our precious Rover or FiFi regularly on Facebook, or belong to Classmates web services where we diligently list the schools we’ve attended, right back to first grade?
Google’s recent research just confirms what we already knew: the value of these security questions in protecting our information is pretty limited. Interestingly, even if you deliberately provide false answers, that may backfire on you.
Read more here:
https://threatpost.com/security-questions-not-so-secure/112949
