WIRED Security Latest

Silicon Valley & Technology - Voice of America

InfoWorld Security

The Register - Security

IEEE Spectrum Computing Channel

Cyberlaw - Stanford Center for Internet and Society

Help Net Security - News

May 21, 2015

Google Online Security Blog: New Research: Some Tough Questions for ‘Security Questions’

Google Online Security Blog: New Research: Some Tough Questions for ‘Security Questions’










  • With a single guess, an attacker would have a 19.7% chance of guessing English-speaking users’ answers to the question "What is your favorite food?" (it was ‘pizza’, by the way) 
  • With ten guesses, an attacker would have a nearly 24% chance of guessing Arabic-speaking users’ answer to the question "What’s your first teacher’s name?"
  • With ten guesses, an attacker would have a 21% chance of guessing Spanish-speaking users’ answers to the question, "What is your father’s middle name?"
  • With ten guesses, an attacker would have a 39% chance of guessing Korean-speaking users’ answers to the question "What is your city of birth?" and a 43% chance of guessing their favorite food.

Many different users also had identical answers to secret questions that we’d normally expect to be highly secure, such as "What’s your phone number?" or "What’s your frequent flyer number?". We dug into this further and found that 37% of people intentionally provide false answers to their questions thinking this will make them harder to guess. However, this ends up backfiring because people choose the same (false) answers, and actually increase the likelihood that an attacker can break in.

Read more . . . 

IEEE Annals of the History of Computing

Here's a phish you might not spot - 60 Sec Security

Hackaday Blog

Biggest Information Security and Cybersecurity Misconceptions

Computer History Museum Videos

Slashdot: Your Rights Online

Public Key Cryptography: Diffie-Hellman Key Exchange

ComputerWeekly.com - When IT Meets Politics

Nextgov.com News Articles

Electronic Privacy Information Center

SecurityWeek

European Public Policy Blog