Internet and e-mail policy and practice
including Notes on Internet E-mail


Click the comments link on any story to see comments or add your own.

Subscribe to this blog

RSS feed


18 Jul 2013

Cargo cult account security Internet

Arthur in L.A. asks:

Why do online accounts like the one at my alarm company keep adding extra security questions? The choices always require either a subjective answer ("What's your favorite movie?") or, in a two-person household, more than one answer ("In what city did your parents meet?")
We all know that passwords are a terrible security mechanism. People forget them, and bad guys are ever better at guessing them. So there are basically three ways to authenticate a person: something you know, such as a password, something you have, such as a driver's license, and something you are, a biometric. Two-factor authentication schemes are much more secure than single factor.

See more ...

posted at: 00:25 :: permanent link to this entry :: 0 comments
Stable link is


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

Standing Committee on Industry, Science and Technology Review of CASL
24 days ago

A keen grasp of the obvious
Live from the collander-cam
91 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse

© 2005-2015 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.