There are better ways to identify people than security questions. Two factor authentication is a huge improvement.
Well, I’ve just successfully “changed” my recovery phone number on Google without having to enter in my password. So, it does apparently work.
That said, it does ask me to log in with my password, which is already pre-filled…and which features a checkbox below the password field which says “Show Password” – clicking on that box shows the actual password. If the OP sees something similar, that may actually let the OP rediscover his password.
So, from what I can see, there’s little on Google which seems to protect you from “I walked away from my computer for 2 minutes, and someone ran over to my computer, grabbed my info and changed it.”
My problem with security questions is they typically have a limited selection and often are of the “what is your favourite…?” or “what was your first…?”. Many if these questions are ambiguous and there is no guarantee that the answer I come up with when I’m locked out of my account are the same answers I came up with when I set up the account. “What is your mother’s maiden name?” is archaic and moronic (my mother’s maiden name is the one she has always had and still has.) It is not clear if the answers are case sensitive or not.
Security questions would be fine if we could write our own question, then I could write ones that have a known consistent answer, but most often we can’t do that. I wouldn’t mind if security questions were one of a number of secondary authentication options, it’s when it’s the only option that gets my goat. The result is that I have notes in my password manager of what the security question answers are.
Only if you set it up that way. Nothing is stored in my browser; everything is in my pswd manager, including website, signon, pswd, & other site-related info, like whatever random info I used to create an account on sites that don’t need real info.
Though, given that the OP is able to log into his Gmail account, despite not remembering his password, it seems likely that he does have it set up that way, at least for Google.
What is your mother’s maiden name?
&G4d#hytR@
Then, just store it and the question in your password manager.
You mean the password manager that I presumably don’t have access to if I’ve got to the point of having to answer security questions to gain access to my account?
Why would you ever not have access to your password manager?
Is this some post-apocalyptic scenario?
In this case, “password manager” refers to a third-party password management tool, like 1Password or LastPass. You can put those on your smartphone, or use through a browser, and they store all of your other passwords securely, allowing you to only need to memorize one password – the one for the manager.
Yes, I use 1Password. Perhaps I’ve forgotten the password to the password manager? Regardless, if I should rely on the app that stores my passwords to contain the answers to my security questions that I would use to recover an account I can’t access because I have forgotten my password, that is not a point in favour of security questions, that just demonstrates how useless they are.
If you use a password manager you have one job - remember the password to your password manager. If you can’t do that, it’s not clear that remembering the answers to your weak security questions are your best option.
Well I can remember my password to the manager, but it is still stupid to have a secondary security that people here are recommending to use the primary security system to store. If security questions were a good system, they would be memorable and wouldn’t need to be stored in a password manager. They are not a good system, therefore we apply workarounds. That is admitting the system is not good.
Personally, I didn’t install any third-party software for password management and just used the one built into my browser. It’s both easy to access and secure.
Yeah I mostly just use my browser. I use a different browser on the computer vs the phone and tablet so I occasionally run into issues where I need to try and locate the password manually as described above.
Oh, I agree. Security questions aren’t really worth the effort.
In Firefox, click on the hamburger (three horizontal lines on the far right of the second line) and choose logins and passwords (nearly halfway down) on the menu. A window opens that has a list of saved accounts on the left. For me, there is one called accounts.google.com. Click on that. To the right of the list there is something called password and an eye. Click on the eye and your password is revealed.
One security question I was asked was the name of my first elementary school. Since I went there only K-2, I really doubt if there is a person in the world who knows the answer. But I agree; it would be best to ask me to pose my own questions.
I’d like to hear from the OP to see if the problem was solved. Why does it now say “Sock Account” next to their name? Last post was number 36 (or 36).
[Moderating]
Since the OP is no longer with us, I’m closing this.