We could always stop burdening our users with keeping our systems
secure for us. What is wrong with this combo:

* 4-digit PIN, the same as for the ATM.
* First and last name.

Isolate attacks intelligently. If the user attempts to log in more
than 5-10 times and fails, allow the user 1 new attempt each hour up
to that number again. If they miss it for 3 hours in a row, or 3 full
shots through, require them to call or come in to reactivate. Give
them the option to call or come in when they get locked out, because
they might have forgotten their PIN.

Give this message and act the same regardless of whether or not a
user with that first and last name exists.

Then stage the system. On normal log in, the user can do basic,
'safe' actions, such as checking balances and so on, and perhaps
transferring money from one account to another they hold, say from
checking to savings.

If they want to do something that could really ruin them, such as
transferring money into a joint account, or to some completely other
account, it would require another step.

This is where you ask for security questions to be answered, and it
is now acceptable to bother someone with it. Make the questions a mix
of things, and require most, but not all, to be correct to continue.

Here is a good list and how to store it:

* What is your mother's maiden name?
* What is your phone number?
* What is your address?
* What is your father's first name?
* What school did you go to?
* What is your favorite color?
* What is your favorite food?
* What is your mother's first name?
* Type something you'll remember, like a password.

In this case, there are 9 questions. When the account is set up, these
should be answered, alternatives could be given at the same time for
many of them, and the answers are not case-sensitive.

If, when entering, the user gets more than 5 of them correct, add the
ones that were wrong to the lists and let them in.

If they get all of the ones that were not likely to change correct,
but not 6 correct, ask them to try again because they didn't get
enough right to enter. Give them a number of tries like for entering
the site in the first place.

In the event that they moved recently, and their father changed his
first name, and otherwise they get 5 or fewer right and don't get all
the ones that should never change correct, lock those functions and
require them to call or come in to fix the problem.

Let them know that they don't need to remember all their answers to
get in, just most of them.

That should be safer than one security question, and yet, it should
be easier for a person to get past, since they don't have to
remember how they answered some arbitrary question. And it will get
better and better at letting them in as they answer the questions
with more and varied answers.

Can this system be hacked? Sure, but it will require the hacker to
know a lot about the person they are stealing from. And it WILL
happen, but it would happen in any other system.

It won't stop people from giving out their PIN or other info. So in
the end, keeping an eye out for odd behavior and calling the person
to make sure they REALLY mean to send their life savings to Nigeria
is going to be a great deal more secure than anything programmatic.

If I had just dropped 35,000 on a new car by check, I'd be upset if
my bank DIDN'T call me.


. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Posted from the new ixda.org
http://www.ixda.org/discuss?post=36577
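The two stages described in the post, as an added example that is not part of the original post: a throttled name-plus-PIN login that answers and counts identically whether or not the name exists, and a security-question quorum for the risky actions. The thresholds (5 quick failures, one try per hour, lock after 3 missed hours or 3 full rounds, more than 5 of 9 questions correct) follow the post; the user store, the sample answers, the choice of which four questions count as "not likely to change", and every class and function name are constructed for this example.

```python
"""Model of the post's two-stage scheme: throttled PIN login with a uniform
failure message, then a security-question quorum for risky actions.
Added example; thresholds follow the post, everything else is constructed."""
from dataclasses import dataclass
from typing import Optional

# Thresholds from the post: 5 quick failures, then one try per hour,
# hard lock after 3 missed hourly tries or 3 full rounds of failures.
QUICK_FAILS = 5
HOURLY_MISSES = 3
FULL_ROUNDS = 3
QUORUM = 6  # "more than 5 of them correct" out of 9 questions
# Assumption: these four of the post's nine questions are the ones that
# are "not likely to change"; the post does not name them.
STABLE = {"mother_maiden", "father_first", "mother_first", "school"}
# One message for every failure: unknown name, wrong PIN, throttled, locked.
GENERIC_DENIAL = "We could not log you in. Call or visit a branch if you are locked out."


def _norm(s: str) -> str:
    return " ".join(s.split()).lower()  # the post: not case-sensitive


@dataclass
class Throttle:
    fails: int = 0              # failures in the current round
    rounds: int = 0             # completed rounds of QUICK_FAILS failures
    hourly_misses: int = 0      # consecutive failed once-per-hour tries
    last_hour: Optional[int] = None
    locked: bool = False        # needs a call or a visit to reactivate


class LoginGate:
    """Stage one: name + PIN. Counters are kept per submitted name whether or
    not it exists, so the response and the lockout timing do not reveal accounts."""

    def __init__(self, users: dict):
        self.users = users      # constructed store; a real one would hash PINs
        self.state = {}

    def attempt(self, first: str, last: str, pin: str, hour: int):
        name = _norm(f"{first} {last}")
        st = self.state.setdefault(name, Throttle())
        if st.locked:
            return False, GENERIC_DENIAL
        if st.rounds >= 1:                      # past the first round: one try per hour
            if st.last_hour is not None and hour - st.last_hour < 1:
                return False, GENERIC_DENIAL    # too soon; not counted as a try
            st.last_hour = hour
        if self.users.get(name) == pin:
            self.state.pop(name, None)          # success clears the counters
            return True, "Welcome"
        st.fails += 1
        if st.rounds >= 1:
            st.hourly_misses += 1
        if st.fails >= QUICK_FAILS:             # a full round of failures
            st.fails, st.rounds = 0, st.rounds + 1
        if st.hourly_misses >= HOURLY_MISSES or st.rounds >= FULL_ROUNDS:
            st.locked = True
        return False, GENERIC_DENIAL


@dataclass
class Profile:
    """Stage two: accepted answers per question, normalized; alternatives
    given at setup live in the same set as the original answer."""
    answers: dict
    tries: int = 0
    locked: bool = False


def step_up(profile: Profile, given: dict) -> str:
    """Return 'allow', 'retry' or 'locked' for a risky action, per the post."""
    if profile.locked:
        return "locked"
    correct = {q for q, a in given.items() if _norm(a) in profile.answers.get(q, set())}
    if len(correct) >= QUORUM:
        for q, a in given.items():              # learn the answers that were "wrong"
            if q not in correct and q in profile.answers:
                profile.answers[q].add(_norm(a))
        profile.tries = 0
        return "allow"
    if STABLE <= correct:                       # stable ones right, just not enough overall
        profile.tries += 1
        if profile.tries >= QUICK_FAILS:        # same number of tries as the login
            profile.locked = True
            return "locked"
        return "retry"
    profile.locked = True                       # missed something that should never change
    return "locked"


def sample_profile() -> Profile:
    # Constructed answers for the post's nine questions; "color" carries an
    # alternative given at setup.
    truth = {"mother_maiden": "byron", "phone": "555 0100", "address": "12 elm st",
             "father_first": "william", "school": "st marks", "color": "blue",
             "food": "soup", "mother_first": "anne", "passphrase": "correct horse"}
    prof = Profile({q: {a} for q, a in truth.items()})
    prof.answers["color"].add("navy")
    return prof


if __name__ == "__main__":
    gate = LoginGate({"ada lovelace": "1234"})
    for h in range(8):                          # an attacker guessing an unknown name
        print(h, gate.attempt("No", "Body", "0000", h))
    prof = sample_profile()
    print(step_up(prof, {"mother_maiden": "Byron", "father_first": "William",
                         "school": "St Marks", "mother_first": "Anne",
                         "phone": "555 0100", "color": "NAVY", "address": "moved"}))
```

Every failure path returns the same string, and the throttle state is created for unknown names too, so the only way to tell an existing account from a non-existent one is the "Welcome" on a correct PIN. Note that `step_up` only ever adds to the accepted answer sets, so the second stage admits a wider range of answers the longer an account is used; that is the post's intent, and it is worth tracking how large those sets get.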

