Bad news for security questions–it turns out lots of people love pizza.
You know those annoying security questions you have to answer when you sign up for some online accounts, so you can recover your password if you forget it?
A study by Google researchers found that they aren’t very secure at all.
The problem is that easy-to-remember answers aren’t secure enough, but users can’t remember secure ones, the study found.
Google and computer scientists at Stanford University looked at the distribution of hundreds of million of secret answers. Their paper was presented at the World Wide Web Conference in Florance, Italy this week.
Globally, the most common security questions are far too easy to figure out.
“What’s your favorite food?” doesn’t work for English speakers. A hacker would have a 20% chance of guessing right by simply choosing “pizza.”
Not only that, but people either forget what they like to eat or their tastes change pretty quickly. The success rate for getting the question right when locked out of an account was 74% after a month, 53% after three months and 47% after a year.
Names, especially in places where many people share the same name, don’t work much better.
Given ten guesses, an attacker would have a nearly 24% chance of guessing the name of an Arabic-speaker’s first teacher.
Click here to read more.
SOURCE: USA Today, Elizabeth Weise