Sprint Security Questions Ridiculously Easy To Guess > Don't bash too much

Don't bash too much

I don't believe in security questions because they give out too much information even as stupid as they seem.

I actually would prefer to opt out, so you can't really guess to obtain access. If you forget your password the only way to get it changed is to visit a Sprint Store where they can do it for you, that basically is just a random generic password.

I don't see what is so hard about remembering a l/p or even several. This is a wide spread problem though, the only difference is that this some offer choices to your answer, while others simply ask you to type in your answer.

reply to HarleyYac
Difficult questions people don't remember and a lot of the more personal questions can be answered with access to many of the databases of personal information that are maintained in this country. The point of the questions is to be easy to remember but of such a common nature that you would really have to know the person, not have access to their credit file, to answer.

The questions in this case are far to easy, but ideally you want something so unimportant that it doesn't make it in a database, but when combined with a few other questions like it, becomes completely unique to you. All the tricks the banks used to use to secure access are actually easy to acquire if not a public record. Mother's Maiden name is trivial to acquire through a genealogy research site. Where you lived, went to school and most of the details of your life are kept in a database that all you need is $$ to access. It's much easier to design security questions if you make the assumption that there is no such thing as private information anymore, only information that's too trivial to index.

Some of the better security simply has you pick a picture and phrase to show you every time you log in so you know you aren't on a phising site. Simple, impossible to fake on a large scale (can't figure it out with a database) and easy to remember.