Peter Saint-Andre wrote: [list of security questions snipped]
***It strikes me that the answers to many of these questions might be public information or subject to social engineering attacks...
You might enjoy reading Ari Rabkin's recent paper at SOUPS 2008 on this issue:

"Personal knowledge questions for fallback authentication: Security questions in the era of Facebook"
Ariel Rabkin
http://www.cs.berkeley.edu/~asrabkin/bankauth.pdf

He has slides as well:
http://www.eecs.berkeley.edu/~asrabkin/rabkin.pdf

-David Molnar
