WebApp Sec mailing list archives
Re: User verification questions
From: John Manko <jmanko () johnmanko com>
Date: Tue, 11 Oct 2005 10:21:40 -0400
Let the user create his/her own question Derick Anderson wrote:
What good questions can be used for user verification? I've seen some password recovery interfaces which have the typical mother's maiden name, city of birth, etc. and others which let the user define their own question (a stupid idea in my opinion, but I'm willing to be educated). I'm thinking beyond a password recovery interface - I'm more concerned with a general protocol that could be used in situations where email isn't an option. Thanks, Derick Anderson
Current thread:
- User verification questions Derick Anderson (Oct 11)
- Re: User verification questions Andrew van der Stock (Oct 11)
- Re: User verification questions Mark Jeftovic (Oct 11)
- Re: User verification questions Yousef Syed (Oct 13)
- Re: User verification questions John Manko (Oct 11)
- <Possible follow-ups>
- RE: User verification questions Derick Anderson (Oct 11)
- RE: User verification questions Auri Rahimzadeh (Oct 11)
- RE: User verification questions Derick Anderson (Oct 11)
- Re: User verification questions bryan allott (Oct 12)
- RE: User verification questions Auri Rahimzadeh (Oct 12)
- Re: User verification questions bryan allott (Oct 12)
- RE: User verification questions Auri Rahimzadeh (Oct 11)
- RE: User verification questions Derick Anderson (Oct 12)
- Re: User verification questions Gary Gwin (Oct 13)
- Re: User verification questions Andrew van der Stock (Oct 11)