What is a security question?
A security question is a question that is used to verify the identity of the person on the network or on the web with a password. Users usually select one of a number of biographical questions to answer when they create online accounts. If the user forgets the password, he will be asked to answer this security question. If the question is correctly answered, the system will send information on how to reset the password. Security questions can also be used as a secondary form of identity verification after entering a password, for example, if the user logs in from an unknown location.
Security issues have gained kindness since the beginning of 2000 as a result of what is sometimes called "chaos passwords". Someone who uses the Internet for work, school, banking, personal communication, etc. can have dozens of different user names and passwords that can easily confuse. Before the arrival of security questions, the user may need to call customer service on the HAVE password reset manually. Sites that allow users to reset HEsla using a security question, saving money for companies and user time.
Although security questions are in a suitable way to reset the password, they are generally considered much less secure than the password itself. For example, a common security question is "What is your mother's name?" This information, although it may not be well known, can often be found through a little internet speaking, threatening the user's account. Further information that is sometimes used in security questions may include domestic animals, popular holidays or school information, most of which are commonly published on social networks.
Given these security risks, users and network developers must be careful about the security questions they choose, as well as how they respond. A good security question should have many possible answers that wouldThe hacker probably wasn't able to guess. Users should be careful not to disclose information about the security question anywhere on the Internet.
developers should also phrase questions in such a way that there is only one possible way to write an answer. For example, the answer to the question "What is the date of birth of your mother?" It could be written "1 July 1948", "1 July 1948", "7. 1 1948" or any other ways. A user who forgot his password probably will not remember how he wrote an answer, which is a poorly written security question. A better question would be: "What is the month and year of the birth of your mother (eg July 1948)?"