Browse Definitions :
Definition

website security question

An internet security question is a backup measure used to authenticate the user of a website or an application in the event that they have forgotten their user name and/or password. Theoretically, a security question is a shared secret between the user and the website.

Because many security questions have answers that can easily be found online with just a little research, they are often criticized for making user accounts vulnerable to attack. Security expert Bruce Schneier referred to website security questions as an “easier-to-guess low-security backup password that sites want you to have in case you forget your harder-to-remember higher-security password.”

A security question should have the following characteristics:

  • The answer should not be available online.
  • The question and answer should be simple.
  • They should be about something memorable to the user.
  • The answer shouldn’t be anything that might change over time.
  • There should be many possible answers to the question.

Alternatives to website security questions include two-factor authentication.

This was last updated in January 2018

Continue Reading About website security question

SearchNetworking
SearchSecurity
  • man in the browser (MitB)

    Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is ...

  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system ...

  • parameter tampering

    Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's ...

SearchCIO
  • e-business (electronic business)

    E-business (electronic business) is the conduct of business processes on the internet.

  • business resilience

    Business resilience is the ability an organization has to quickly adapt to disruptions while maintaining continuous business ...

  • chief procurement officer (CPO)

    The chief procurement officer, or CPO, leads an organization's procurement department and oversees the acquisitions of goods and ...

SearchHRSoftware
SearchCustomerExperience
  • clickstream data (clickstream analytics)

    Clickstream data and clickstream analytics are the processes involved in collecting, analyzing and reporting aggregate data about...

  • neuromarketing

    Neuromarketing is the study of how people's brains respond to advertising and other brand-related messages by scientifically ...

  • contextual marketing

    Contextual marketing is an online marketing strategy model in which people are served with targeted advertising based on their ...

Close