Comments | soph: Secret Questions, and why they're a problem

soph

Secret Questions, and why they're a problem

Mar 17, 2009 13:24

[this is a public post]

I'm seeing a lot of misinformation going around LJ regarding the security of LiveJournal accounts, so I want to take this opportunity to correct these.

Myth: Setting a secret question will make your account more secure.

This is false. Secret questions are not intended to make your account more secure; they're intended to ( Read more... )

security, public, livejournal, big posts, psa

Comments 4

intrepia March 17 2009, 17:05:37 UTC

LJ will send a password reset email to either the currently validated email, or an email address that was previously validated on the account if you specify one.

Actually, the current email address doesn't need to have been validated to receive a password reset email.

This is all very sound and necessary advice. Bravo!

soph March 17 2009, 17:10:36 UTC

Oops. I knew that, as can be seen earlier on - "to either your current email or any previously validated email address" - but I said 'validated' instead of 'listed' in that line you pointed out. Fixed! (and reworded a little better as well)

anonymous March 17 2009, 18:38:49 UTC

Awesome post, this should be cross-posted to news IMO. No reason LJ should be lying to everyone and saying that the secret question makes your account more secure.

-mayerman (on a school comp and don't want to log in :P)

(The comment has been removed)

soph March 18 2009, 00:16:55 UTC

No probs. <3

I must admit to being confused on why you chose that userpic though specifically. Did I make an apostrophe mistake? I checked and can't see anything.