As a side effect of this, I came across a variety of "security" questions to be used for secondary identification and/or password reset requests. You've probably seen many of these.
The problem is most of the questions are about things that are either already public knowledge, or things that could easily be found out!
Don't you think all of the following information could be found in about two minutes by anyone who wanted it? Couldn't a smart network admin come up with better questions that only you would possibly know the answer to?
- Your mother's maiden name
- Your father's middle name
- Your birth place
- Your high school
- Your high school mascot
- The street where you grew up
- Your favorite pet's name
- Your first job or employer
- Your first car (particularly obvious for young people, who may have only ever owned one!)
If everyone on Facebook knows the answer, maybe it's not a very good "security" question, lol.
