While it’s clear companies seem to get hacked regularly, the steps taken to keep users safe are a joke. Companies still rely on asking personal questions in an effort to make users feel safe, but those attempts are laughable.
I wasn’t laughing earlier this week as I was setting up a few new accounts.
As anyone knows, creating accounts can be a real pain in the buttocks. But, since I’m kind of a geek, I would sometimes find the humor in choosing and answering my three security questions. (Wondering if I’d remember the answers.)
What band was your first concert?
What was your favorite dog’s name?
Where were your parents married?
What model was your first car?
Who was your childhood bff?
Cool.
I never thought much about the security questions until the last few times when I encountered a few like this:
In which city were you married?
What is the name of your eldest child?
At what time of day was your oldest child born?
How old was your father when you were born?
What?
I felt I had taken a step back in time.
Sure, these questions might be ok, if there were a lot of options, but these were four of the seven provided.
I’m not a super touchy person who gets triggered easily or angered at the drop of a hat. But, these questions made me question this process and its security.
Whether you’re a man or a woman, in this day and age, it’s quite possible you’ve never been married or had a kid. It’s also possible for some folks, they didn’t know their dad. Or, if they do, maybe they don’t want their security question asking how old he was when they were born.
But, the bigger question: Why so very personal? And, from a woman’s perspective, why so presumptive. It made me wonder: are the questions the same for a man or a woman of any age?
I can’t imagine a 22-year-old being asked about the birth of their eldest child. Or, where they were married.
These questions had to be options based on my age and gender.
I chose the questions I could answer like, where was my elementary school located.
But, I didn’t feel safer for answering. Somehow I felt like the company asking them was 1) Prying to gather personal data 2) Not concerned about safety 3) Was sexist.
As many others have argued, it’s time to shut this process down, if only for the fact that it doesn’t make us safer online. This is a practice that should be relegated to the past, just like the presumptive questions being asked.
Seems no matter where you look online, banks, retailers and even medical providers are hacked. Our information is floating in space on the interwebs.
Obviously, security is a top concern. Who wants to sign up for a service only to find out later, “OOPS, our bad, your information was hacked. Here, we will give you free credit monitoring for a month.”
Doesn’t cut it.
