Security questions are an alternative way of identifying your consumers when they have forgotten their password, entered the wrong credentials too many times or tried to log in from an unfamiliar device or location.
How do you create a good security question? We have come up with some tips and tricks that will help you create the best ones.
According to the Good Security Questions website, good security questions should touch all 5 of the below criteria.
By their very nature, even so-called good security questions are vulnerable to hackers because they aren’t random. Users are meant to answer them in a memorable way. And those answers could be obtained through phishing, social engineering, or research.
Many social media memes tap into the answers to common security questions, such as the name of your first dog/cat or the street you grew up on. So by innocently posting your superhero name or rapper name on Facebook, you’re inadvertently sharing important personal information.
Multi-factor authentication is a much more robust and secure method of consumer authentication that relies on two or more ways of verifying the consumer’s identity. You can learn more about Multi-factor authentication by clicking here.
By following these simple rules you minimize the risk of hackers forcing their way into your accounts. Lengthy alphanumeric passwords with special and non-repeating characters are much more difficult for an attacker to guess. It also takes significantly longer them to gain access.
Source:
https://www.loginradius.com/blog/identity/best-practices-choosing-good-security-questions/