City of birth? Why password questions are a terrible idea
Using secret questions to give people access to their passwords is a terrible idea, according to a new paper from Google.
A white paper [PDF] called "Secrets, Lies, and Account Recovery: Lessons from the Use of Personal Knowledge Questions at Google" dug into data from millions of users' interactions with a range of password-recovery questions and concluded that they were not only largely ineffective, but also a security risk.
The idea is a fairly logical one: to let someone access their account if they have forgotten their password, give them a question that is likely to be specific to an individual and use their answer to verify who they are.
The problem? Most of the time we can't remember the answer, or we deliberately give a false answer in the belief that it will make the system more secure (not realizing, of course, that we will forget the fake answer all too quickly).
Another gem from the paper: what we believe is our favorite food changes over time, so whatever you typed in when you set up the recovery question is likely to have changed by the time you need to use it. If asked within a month, you are 74 per cent likely to remember it; if asked three months later, it's a fifty-fifty proposition that you'll recall the favored dish.