Identity, Privacy and Trust

Feb 27 2008   11:01AM GMT

Turning security into a game of Trivial Pursuit

tobystevens tobystevens Profile: tobystevens


Many online and telephone services rely on asking daft personal questions to authenticate users, particularly when a password has been lost or an account locked out. It’s quite common to rely on a mother’s maiden name, first pet’s name or other significant personal data to prove the identity of the caller. We’ve already discussed the problem of using publicly-available data for this purpose, but there’s another problem: remembering the answer you gave when you established these challenge-response questions. How did you spell your first pet’s name? What was the exact model of your first car, or the name of your first love? And will you get locked out if you can’t remember these facts? Courtesy of Wired magazine, we now have the chance to play personal security Trivial Pursuit. Enjoy!

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: