Part of living in an Internet world is dealing with (taking care of) security. Sure, you have to have good passwords, but for many websites, that is no longer good enough. In addition to a password, you often need to answer “security questions,” the answers to which only you would know.
The purpose of these security questions is to give the company that owns the website a way of verifying (making sure) that you are you, and not someone else trying to hack (enter illegally) into your account. If you lose your password or are logging in from a new device (computer, phone, tablet, etc.), the website may ask you one of these “secret” questions. And that’s where the problem begins.
For several years now, the questions asked have been pretty easy, such as:
- What was your mother’s maiden name (her last name before she married)?
- What’s your paternal grandfather‘s (your father’s father’s) middle name?
- What was the name of your first pet as a child?
These and similarly easy-to-remember answers have been used for many years by banks and other institutions. In fact, the “maiden name” question was used by banks in Baltimore way back in 1906.
But the Internet provides many sources of information that can make it easy for other people to learn the answers to these “private” questions, especially when people post their personal information on Facebook and other social media websites. So government and business websites have begun to develop more difficult questions. And a lot of people have a hard time finding (and later, remembering) the answers to them.
For example, the government in many U.S. states now asks you to answer three security questions to sign up for the new health care plans. Even when given lots of options (in California, there are 30 possible questions!), people are having difficulty giving answers to them. Some people don’t know the answer to the question, and others have never been in the situation imagined (thought of) by the question.
Here are some that people have had problems with:
- What was the color of your first bicycle?
- Who was your favorite childhood (when you were very young) superhero (fictional character with special powers, like Wonder Woman or Superman)?
- What was the name of the manager at the first job where you worked?
- What is your significant other’s (wife’s, husband’s, girlfriend’s, or boyfriend’s) favorite color?
- What is your youngest child’s birth weight?
- Where were you when you had your first kiss?
- What is your favorite vegetable?
- What was the color of your first cat? (!)
Even worse than these are hypothetical questions, questions about things that aren’t even “real.” Here are some more examples from business and government websites:
- If you could control (determine) your height (how tall you are), how tall would you be?
- If you needed a new first name, what would it be?
Even if you can come up with (think of) answers to these hypothetical questions, will you be able to remember your answer a month from now? A year from now? In one study, more than 20% of the people forgot their answers to their security questions within three months – and that was with factual (real) questions and answers.
Have you ever seen any security questions that either you could not answer or (later) could not remember the answer to?
Image credit: Security Questions by Janet McKnight, CC