{"id":8327,"date":"2015-05-26T21:37:41","date_gmt":"2015-05-27T01:37:41","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8327"},"modified":"2015-05-26T21:37:41","modified_gmt":"2015-05-27T01:37:41","slug":"security-question-answers-are-less-secure-than-the-passwords-they-help-protect","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/05\/26\/security-question-answers-are-less-secure-than-the-passwords-they-help-protect\/","title":{"rendered":"Security question answers are less secure than the passwords they help protect"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.techspot.com\/news\/60763-security-question-answers-less-secure-than-passwords-they.html\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/www.techspot.com\/images2\/news\/bigimage\/2015-05-22-image-4.jpg\" alt=\"\" \/><\/a><\/p>\n<p>We\u2019re reminded on a regular basis that password security is of the utmost importance. Concepts like selecting strong passwords, using unique passwords for each login and not sharing your passwords are general knowledge at this point although many choose to ignore the advice.<\/p>\n<p>Unsurprisingly, we\u2019re also just as bad when it comes to providing answers to security questions when signing up for a new site or service but it&#8217;s not always the user&#8217;s fault.<\/p>\n<p>Security questions are designed to provide an extra layer of security or to help recover a password that you no longer remember. But as data from a recent study conducted by Google\u2019s security team reveals, they generally offer even less security than the passwords themselves.<\/p>\n<p style=\"text-align:center;\"><a href=\"http:\/\/www.techspot.com\/news\/60763-security-question-answers-less-secure-than-passwords-they.html\"><img data-recalc-dims=\"1\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2015\/05\/2015-05-22-image.png\" alt='' \/><\/a><\/p>\n<p>google study shows security questions secure passwords credentials login credentials security questions usernames<\/p>\n<p>People often choose answers that are easy to remember which by nature, aren\u2019t very secure because the answers often contain commonly known or publicly available information. Examples of popular security questions include asking the name of your first pet, your favorite food or your mother\u2019s maiden name.<\/p>\n<p>Conversely, difficult answers are often too tough to remember and thus, defeat the entire purpose of a security question. The team found that 40 percent of English-speaking users in the US couldn\u2019t recall their secret question answers when needed.<\/p>\n<p>Some of the safest questions, like asking for a user\u2019s library card number or their frequent flyer number, only had a recall rate of 22 percent and nine percent, respectively.<\/p>\n<p>The team\u2019s findings, summarized in a paper recently presented at WWW 2015, led them to conclude that secret questions are neither secure nor reliable enough to be used as a standalone account recovery mechanism.<\/p>\n<p>via <a href=\"http:\/\/www.techspot.com\/news\/60763-security-question-answers-less-secure-than-passwords-they.html\" target=\"_blank\">Security question answers are less secure than the passwords they help protect &#8211; TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We\u2019re reminded on a regular basis that password security is of the utmost importance. Concepts like selecting strong passwords, using [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,10],"tags":[797],"class_list":["post-8327","post","type-post","status-publish","format-standard","hentry","category-security","category-technology","tag-passwords"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-2aj","jetpack-related-posts":[{"id":2971,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/17\/tumblr-tells-users-to-change-passwords-patches-security-hole-in-ios-apps\/","url_meta":{"origin":8327,"position":0},"title":"Tumblr tells users to change passwords, patches security hole in iOS apps","author":"NCCT","date":"July 17, 2013","format":false,"excerpt":"Tumblr, the blogging site recently acquired by Yahoo, has released a security update for its iPhone and iPad apps that it said addresses an issue that allowed passwords to be compromised in certain circumstances. Users of the apps have been advised to update their passwords on Tumblr as there is\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9031,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/09\/24\/heres-what-you-should-know-and-do-about-the-yahoo-breach\/","url_meta":{"origin":8327,"position":1},"title":"Here&#8217;s what you should know, and do, about the Yahoo breach","author":"NCCT","date":"September 24, 2016","format":false,"excerpt":"By Lucian Constantin | IDG News Service | PCWorld Yahoo\u2019s announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale\u2014it\u2019s the largest data breach ever\u2014and the potential security implications for users. That\u2019s because Yahoo, unlike MySpace, LinkedIn and other online services that\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5724,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/12\/its-official-malicious-hackers-have-crappy-password-hygiene-too\/","url_meta":{"origin":8327,"position":2},"title":"It\u2019s official: Malicious hackers have crappy password hygiene, too","author":"NCCT","date":"June 12, 2014","format":false,"excerpt":"Given the amount of time malicious hackers spend bypassing other people's security, you might think that they pay close attention to locking down their own digital fortresses. It turns out that many of them don't, according to a recent blog post documenting some of their sloppiest password hygiene. The post\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/06\/sewer-640x480.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/06\/sewer-640x480.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/06\/sewer-640x480.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":8935,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/05\/31\/myspace-hack-puts-at-least-360-million-users-at-risk\/","url_meta":{"origin":8327,"position":3},"title":"Myspace hack puts at least 360 million users at risk","author":"NCCT","date":"May 31, 2016","format":false,"excerpt":"By Shawn Knight | TechSpot Time Inc., which recently acquired pioneering social network Myspace, has confirmed reports that the site was hacked. Like the Tumblr breach that we reported on yesterday, the compromised Myspace data dates back several years. Time said earlier today that it first became aware shortly before\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6128,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/05\/mozilla-warns-of-leaky-developer-network-database\/","url_meta":{"origin":8327,"position":4},"title":"Mozilla warns of leaky developer network database","author":"NCCT","date":"August 5, 2014","format":false,"excerpt":"Mozilla\u2019s website for developers leaked email addresses and encrypted passwords of registered users for about a month due to a database error, the organization said Friday. Email addresses for 76,000 Mozilla Development Network (MDN) users were exposed, along with around 4,000 encrypted passwords, wrote Stormy Peters, director of development relations,\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7850,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/03\/20\/security-now-499-your-questions-steves-answers-208\/","url_meta":{"origin":8327,"position":5},"title":"Security Now 499: Your Questions, Steve&#8217;s Answers 208","author":"NCCT","date":"March 20, 2015","format":false,"excerpt":"Hosts: Steve Gibson with Leo Laporte A look at the new TeslaCrypt, Yahoo! to eliminate passwords, InstantCryptor and Steve answers your questions!","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=8327"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8327\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=8327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=8327"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=8327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}