Infosecurity News Reel

Loading...

The Register - Security

Help Net Security - News

May 21, 2015

Google Online Security Blog: New Research: Some Tough Questions for ‘Security Questions’

Google Online Security Blog: New Research: Some Tough Questions for ‘Security Questions’










  • With a single guess, an attacker would have a 19.7% chance of guessing English-speaking users’ answers to the question "What is your favorite food?" (it was ‘pizza’, by the way) 
  • With ten guesses, an attacker would have a nearly 24% chance of guessing Arabic-speaking users’ answer to the question "What’s your first teacher’s name?"
  • With ten guesses, an attacker would have a 21% chance of guessing Spanish-speaking users’ answers to the question, "What is your father’s middle name?"
  • With ten guesses, an attacker would have a 39% chance of guessing Korean-speaking users’ answers to the question "What is your city of birth?" and a 43% chance of guessing their favorite food.

Many different users also had identical answers to secret questions that we’d normally expect to be highly secure, such as "What’s your phone number?" or "What’s your frequent flyer number?". We dug into this further and found that 37% of people intentionally provide false answers to their questions thinking this will make them harder to guess. However, this ends up backfiring because people choose the same (false) answers, and actually increase the likelihood that an attacker can break in.

Read more . . . 

IEEE Spectrum Computing Channel

intelNews.org Latest News

Slashdot: Your Rights Online

HISTORY OF COMPUTING VIDEOS

Loading...

WIRED - Threat Level

European Public Policy Blog