Problem with Secret Questions 2

Secret questions are supposed to help a person keep his privacy and his profile secure. Problem is, most secret questions are very common that it’s easier for anyone to guess the answers, code, pin, or password to an account. This happens especially if there are so many information available. Questions like “What is your mother’s maiden name?” or “What was your first pet’s name?” are often asked that somehow, people can easily guess them to access your account.

Google has recently analyzed the security questions and the answers of hundreds of millions of Google account owners. The company wanted to know the effectiveness of the security questions. No in-depth study has been made yet so Google went on to analyzing the data from email account recovery claims, looking at the secret questions and answers. Google measure the “likelihood that hackers could guess the answers” and findings were presented in an infographic.

The findings where presented recently at WWW 2015. Google made the following conclusion:

“Secret questions are neither secure nor reliable enough to be used as a standalone account recovery mechanism. That’s because they suffer from a fundamental flaw: their answers are either somewhat secure or easy to remember—but rarely both.”

Listed below are some relevant findings:

• With one guess, an attacker’s chance of guessing English-speaking users’ answers to the question “What is your favorite food?” is 19.7%

• With ten guesses, a hackers has a 24% chance of guessing Arabic-speaking users’ answers to “What’s your first teacher’s name?”

• With ten guesses, an attacker has a 21% chance of guessing Spanish-speaking users’ answers to “What is your father’s middle name?”

• With ten guesses, an attacker has a 39% chance of guessing Korean-speaking users’ answers to “What is your city of birth?”

• 40% of English-speaking users in the US couldn’t recall answers to their secret questions

• Hard to remember and use questions include “What is your library card number?” and “What is your frequent flyer number?”

• There’s a 55% success rate for the question “What is your first phone number?” while “What is your father’s middle name?” had a 76% success rate

• The easiest question is “What city were you born in?” with more than 79% recall rate

Click here to view full infographic

SOURCE: Google Online Security

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.