A7:2021 | Password Reset (5) | Cycubix Docs

The Problem with Security Questions

While Security Questions may at first seem like a good way to do authentication, they have some big problems.

The "perfect" security question should be hard to crack, but easy to remember. Also the answer needs to fixed, so it must not be subject to change.

There are only a handful of questions which satisfy these criteria and practically none which apply to anybody.

If you have to pick a security question, we recommend not answering them truthfully.

To further elaborate on the matter, there is a small assignment for you: There is a list of some common security questions down below. if you choose one, it will show to you why the question you picked is not really as good as one may think.

When you have looked at two questions the assignment will be marked as complete.

Last updated