9.24 Security Questions

In the Security Questions authentication method, an administrator can set up a series of predefined questions. A user must answer these questions to get authenticated. Security Questions are used when users forget their passwords.

Answers to security questions are often easy to guess, and the method can often be used to bypass a password. Therefore, Security Questions are not a secure authentication method.

You must follow a few guidelines to use this method. You must use good security questions, which meet five criteria. Ensure that the answer to a good security question is:

  1. Safe: Cannot be guessed or researched.

  2. Stable: Does not change over time.

  3. Memorable: Can be remembered.

  4. Simple: Precise, easy, and consistent.

  5. Many: Has many possible answers.

The following are some examples of good, fair, and poor security questions according to goodsecurityquestions.com. For a full list of examples, see that website.

GOOD

  • What is the first name of the person you first kissed?

  • What is the last name of the teacher who gave you your first failing grade?

  • What is the name of the place your wedding reception was held?

  • In what city or town did you meet your spouse/partner?

  • What was the make and model of your first car?

FAIR

  • What was the name of your elementary / primary school?

  • In what city or town does your nearest sibling live?

  • What was the name of your first stuffed animal, doll, or action figure?

  • What time of the day were you born? (hh:mm)

  • What was your favorite place to visit as a child?

POOR

  • What is your pet's name?

  • In what year was your father born?

  • In what county were you born?

  • What is the color of your eyes?

  • What is your favorite _____?

Configure the following options for the Security Questions method:

  • Minimum answer length: The minimum number of characters an answer must contain.

  • Correct answers for logon: The number of questions a user must answer correctly to get access.

  • Total questions for logon: The number of questions that are presented to the user while authenticating.

For example, if the Correct answers for logon is set to 3 and the Total questions for logon is set to 5, the user needs to specify only 3 correct answers out of a set of 5 questions.
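
The following added example (not part of the product or its documentation) estimates how the Correct answers for logon and Total questions for logon settings change the chance that someone who does not know the answers still passes. It assumes each question is guessed independently with its own probability; the probabilities and the attempt limit are constructed sample values.

```python
# Added illustration (not product code): chance that a guesser passes a
# "Correct answers for logon" = k out of "Total questions for logon" = n check.
# Assumption: each question is guessed independently with its own probability.

def pass_probability(guess_probs, correct_required):
    """P(at least `correct_required` of the presented questions are guessed).

    guess_probs holds one probability per presented question, so its length
    is the Total questions for logon value.
    """
    total = len(guess_probs)
    if not 0 <= correct_required <= total:
        raise ValueError("correct_required must be between 0 and total questions")
    # dist[j] = probability that exactly j answers so far were guessed correctly
    dist = [1.0] + [0.0] * total
    for p in guess_probs:
        if not 0.0 <= p <= 1.0:
            raise ValueError("probabilities must be in [0, 1]")
        # Walk downwards so dist[j - 1] still holds the previous round's value.
        for j in range(total, 0, -1):
            dist[j] = dist[j] * (1 - p) + dist[j - 1] * p
        dist[0] *= 1 - p
    return sum(dist[correct_required:])


def pass_within_attempts(single_attempt_prob, attempts_allowed):
    """P(at least one pass) when `attempts_allowed` tries are permitted
    (hypothetical attempt limit; not a setting described on this page)."""
    return 1 - (1 - single_attempt_prob) ** attempts_allowed


if __name__ == "__main__":
    # Constructed sample values: 0.2 models a question with about five
    # plausible answers, 0.01 a question with about a hundred.
    for label, probs in (("few answers", [0.2] * 5), ("many answers", [0.01] * 5)):
        for k in (3, 5):
            p = pass_probability(probs, k)
            print(f"{label:12} {k} of 5 required: one attempt {p:.2e}, "
                  f"ten attempts {pass_within_attempts(p, 10):.2e}")
```

With these sample values, requiring 3 of 5 instead of 5 of 5 raises the single-attempt pass chance from 0.00032 to about 0.058 for the questions with few possible answers.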

9.24.1 Adding Questions

You can add questions based on your requirement. These questions can be translated into the languages that are supported by the Advanced Authentication portals. For example, you set a security question as "What is your pet name?". While enrolling and authenticating, this question is displayed in the language that the user selects in the portal.

To add questions, perform the following:

  1. Click Add to add a question in the Question window.

  2. Specify the question in Question.

  3. You can specify the question translated into the required language.

    This translated question is displayed in the portals and Clients based on the selected language.

  4. Click the save icon to save the question-related settings.

You can add more questions depending on the requirement.

Click Save to save the configuration settings for the Security Questions method.