(in)Security Questions
From IIW
Insecurity Sessions
Thursday 4J
Convener: Jim Fenton
Notes-taker(s): Jim Fenton
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
We had a small but engaged group for the Insecurity Questions session. We discussed several examples of "security" questions that appear on the Insecurity Questions blog site:
https://insecurityq.wordpress.com/
Several key points:
- Despite what some sites say, setting up "security" questions does not
improve your account security, it degrades it.
- "Security" questions are really about cutting customer support costs,
not about improving security
- This is a practice that is effectively banned in some areas of Europe
(e.g., Sweden).
Send us more examples! See the instructions at