this post was submitted on 08 Aug 2024
819 points (98.8% liked)

Comic Strips

12497 readers
4179 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 20 points 3 months ago (2 children)

How is even having these security questions even considered safe? What is more likely, person to know your password or a name of your favorite dog that you might get from that person's Facebook account?

[–] [email protected] 20 points 3 months ago (1 children)

That's why you make the answers fake ones. Like instead of your actual favorite pet, you answer lassy or airbud or something stupid like that

[–] [email protected] 12 points 3 months ago (1 children)

Even to the point of being nonsensical. I've had tech support chuckle at me but the intent was clear as day. Anyone can find my mother's maiden name. Good luck figuring out the answer I gave the bank.

[–] [email protected] 7 points 3 months ago

I had to say my SQ answers to the bank as identity confirmation (which, them being capable of reading it (stored as plain text) is a huge security no no)

and my answers were 20 random characters. That was fun

[–] [email protected] 7 points 3 months ago

it's not. These are very bad practice that had obvious problems from the start.

Sarah Palin's Yahoo account was broken into during the 2008 election by guessing her security questions. If it wasn't clear before then, it should have been clear after. No excuse for companies continuing to do this.