ADSelfService Plus in action
How to frame strong security questions and answers
Due to their simplicity and effectiveness, security questions and answers have become a popular method of identity verification. They can be used as a secondary authentication factor, or a verification technique for self-service password reset.
Here are some suggestions that can help make your security questions and answers a foolproof way to ensure security.
- Ensure your questions have:
- Unique answers: Use questions whose answers will be unique to each person. For example, "What was your favorite toy as a child?" is a good question.
- Answers that are not available on social media: The question should not focus on details that can be easily found on social media. For example, "What was your first job?" is a bad question as this is often found on social media profiles.
- Stable answers: The answer should stay consistent and not change over time so it's not forgotten. "How old are you?" is a bad question for multiple reasons; it's a common fact, and it also changes every year.
- Inconspicuous answers: It's good to have questions that focus on lesser known details of a person. For example, questions about a person's childhood or similar topics. "What were you the most scared of as a child?" is a good question, as it's rarely known to others.
- Ensure your answers are:
- Sensible: The answers should be meaningful words or sentences. They should have a minimum length requirement.
- Not repeated: The same answer should not be repeated for many security questions.
- It's best to have enough security questions so security is adequately fortified, but also to ensure the process isn't too long or tiresome. A different subset for every authentication should also be present. This provides protection against phishing attacks.
Set up security questions easily with ADSelfService Plus
ADSelfService Plus is an integrated Active Directory self-service password management and single sign-on solution with an entire section dedicated to setting strong security questions and answers to meet your needs.
1Customizable security questions
2Unique answers
3User-defined questions
4Security Q&A strengtheners
Customizable security questions:
You can choose your questions from the predefined questions available or add your own. You can also decide the number of questions to be added, and the number of questions that are required to be answered during verification.
Unique answers:
ADSelfService Plus can check the answers given by the user for minimum and maximum length, and ensure they're not repeated for any other question.
User-defined questions:
Apart from admin-defined questions, which are common for everyone, users can also be granted the option to include their own questions and answers to improve security.
Security Q&A strengtheners:
This section combines all the settings that can help you design strong security questions and answers under one tab. This includes Security Answer Strengtheners, Security Questions Display Preference, and Security Answer Authentication.
Stop depending on just passwords to secure your IT resources
Get Your Free Trial Fully functional 30-day trial