General Question

flo's avatar

What is better than "security question and answer" for email account verification?

Asked by flo (13313points) 3 months ago
6 responses
“Great Question” (1points)

To verify it’s really the account owner who is trying to sign in, there is, or was, “security question and answer”. Is there anything better than that?

Observing members: 0
Composing members: 0

Answers

ragingloli's avatar

Here is a genius tip I read once for these recovery questions:
Make the answer completely unrelated to reality, or even the topic of the question.

janbb's avatar

There is also two-step verification used by some programs. They will send a verification code to your phone and you have to put it in to sign in to the app or program.

I’m not sure which is more secure.

zenvelo's avatar

Two Factor authentication is much better, and because it is a temporary access on a different appliance, tends to avoid the problems where someone has “found” your device.

The better way (but a bit of overkill for the average consumer) is to get a one time token that updates once a minute that is also coordinated with a computer. That is why the company I work for uses to authenticate when I log in to the VPN. And even then, the VPN disconnects after 12 hours and I must go through the authentication again.

RedDeerGuy1's avatar

Finger print scanners.

flo's avatar

OK. By thwe way, I didn’t mean to suggest that securiy question is not good enough, But it can be bettee ’‘Making the answer be completely unrelated to the question’’ (@rangingloli s post )

flo (13313points)“Great Answer” (1points)
Shamrocks75's avatar

2 step verification, some offer keys.

Answer this question

Login

or

Join

to answer.

Mobile | Desktop


Send Feedback   

`