Monday, November 2, 2009

The Secret Question is just like putting something away in a "Safe" place

Lots of web sites use a "secret question" as part of their security methodology. So, you sign up for an account and along with a password, you're prompted to select a secret question and answer. Some websites even let you create your own security question -- the theory being that you'll remember a security question that you create, in case the default questions don't appeal to you.

I hate the Security questions/answers. Nine times out of ten, I forget what question I selected (or created). Even if I do remember the question, sometimes, I try to be clever and not provide an obvious answer. And I forget that as well.

I tried to log into a work website today and had to reset my password (yes, because I forgot it). I had to pick my security question. I sat there for 10 minutes, just staring at the question. I had absolutely no conscious memory of which question I had chosen, originally. Finally, I made wild guess. Oddly enough, I guess correctly. Or, the authentication doesn't really work and anything would have worked.

I so wish the age of username/password/security question would evolve into something else. I just cannot remember all the different usernames, passwords, questions, blah, blah, blah. I either have to write them down (which is a security issue in itself), or use variations of the same username/passwords -- again, not very secure. Biometrics, please? Or something else, please? Surely,with all the advances in technology, we can move beyond username/password/questions which are decades old.

It's just like me putting something away in a "safe" place. Nine times out of ten, I don't recall where that safe place exists and either I never find the object again, or it turns up way later than when I needed it.

Maybe I just need a personal assistant to take care of these details. Heavens knows, I am not managing well on my own.

No comments: