Science and Tech


How Your Security Questions Could Get You Hacked

A recent study from Google found that most security questions used to protect our accounts from hackers are actually not very secure.
Posted at 6:18 PM, May 25, 2015

Google analyzed all those security questions we use to recover our passwords — and decided they're awful.

For example: What's your favorite food? If English is your first language, Google said there's a good chance the answer is pizza. (Video via YouTube / NewOrleansStyle504)

If that was the answer to your security question, the risk of being hacked after one attempt is 19.7 percent.

A Google software engineer writes"Secret questions are neither secure nor reliable enough to be used as a standalone account recovery mechanism."

The problem with simple questions — like, "What city were you born in?" — is that the answers are easier for hackers to guess. But Google also found that some questions might be too difficult. (Video via Upright Citizens Brigade)

Answering the question "What's your library card number?" will likely keep your account more secure, but Google said only 22 percent of people can actually recall that number. (Video via City of Long Beach)

In the study, Google also tested if requiring answers to two different questions would be more secure. It is. But adding a second question also gave account owners some trouble when they tried to recover their information. (Video via Macman, Inc.)

Google also found that 37 percent of users admitted to providing fake answers. Those attempts to make accounts more secure backfired because made-up answers are also hard to remember. (Video via Indiana University's Center for Applied Cybersecurity Research)

In publishing this report, Google wasn't saying we should eliminate security questions — they’re still good roadblocks for potential hackers. Just beware of the more obvious answers.

This video includes an image from Getty Images and music by Deal The Villain / CC BY NC ND 3.0.