Safer Storage and Handling of User Answers to Security Questions
Date: July 26 2017
Publication: BSidesLV 2017
Source 1: https://www.researchgate.net/publication/318721386_Safer_Storage_and_Handling_of_User_Answers_to_Security_Questions
Abstract or Summary:
Like it or not, security question password reset isnít going away. Most organizations find it to be a cost effective approach that seems to work in practice. While there are many problems with this approach, one has received little attention: how to safely store the answers. I show that common methods used for storing password validation information are not suitable for security questions, and propose better alternatives.
PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=CqwbCxP7MC0
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.