Tony,

Of course it is possible, but just because it is possible doesn't mean it 
is useful. It is very easy for two-factor authentication systems that are 
improperly implemented to make the overall system less secure. The 
definition Mario used is important, otherwise the added security is just an 
illusion. Security questions about favourite pets and old schools are 
mainly useful for locking people out of their own accounts.

One of the easiest methods of gaining access to an account you are not 
supposed to have access to is to compromise one form of communication, like 
redirecting a cell phone signal or creating an email account that used an 
old service that doesn't exist anymore, and then answering security 
questions incorrectly enough times to trigger the recovery mechanism and 
have the recovery password sent using the communication channel you control.

It is very easy to do something that is supposed to make a system more 
secure that actually makes it more vulnerable by increasing the size of the 
exposed attack surface.
