Another useful piece of research on the topic:
V. Griffith and M. Jakobsson.
Messin' with Texas, Deriving Mother's Maiden Names Using Public Records.
ACNS '05, 2005 and CryptoBytes Winter '07
http://www.informatics.indiana.edu/markus/papers.asp
Cheers, Scott
Wells Fargo is requiring their online banking customers to provide
answers to security questions such as these:
Does Wells Fargo really use the term security question here?
Just wondering,
Stefan.
Symposium Wirtschaftsspionage
Does anyone know how this security questions disease started, and why
it is spreading the way it is? If your company does this, can you find
the people responsible and ask them what they were thinking?
My theory is that no actual security people have ever been involved, and
that it's just
Stefan Kelm wrote:
Wells Fargo is requiring their online banking customers to provide
answers to security questions such as these:
Does Wells Fargo really use the term security question here?
Yes it does. I'm a Wells Fargo customer and I had to set my security
questions yesterday in order
On Thu, 7 Aug 2008, John Ioannidis wrote:
| Does anyone know how this security questions disease started, and
| why it is spreading the way it is? If your company does this, can you
| find the people responsible and ask them what they were thinking?
|
| My theory is that no actual security
John Ioannidis wrote:
| Does anyone know how this security questions disease started, and
why
| it is spreading the way it is? If your company does this, can you
find
| the people responsible and ask them what they were thinking?
The answer is Help Desk Call Avoidance; allow the end-user to