I’ve almost certainly pissed ‘n’ moaned about this before, but it warrants repeating: specifically, the security questions that security-sensitive sites (such as banks) demand you create when setting up login information.
Now I have no problem at all setting up security questions…..as long as they (a) have a DISCRETE answer (b) post a question whose answer I can easily REMEMBER. A good example of a security question is “In which city did you get married?” That question is discrete (there is one and only one correct answer), and I can remember it very easily.
Want to see examples of BAD questions? Here they are, courtesy of the HSBC web site! (more…)