Secret Questions and Answer Design

There is controversy as to whether secret questions and answers really add much to the security of a site. That said many major sites do rely on them. With more connected world and social media, secret answers are often available online with some research. The first decision is whether to use a secret question the […]

Securing Password Change Top 10, well 13

By password change I mean when a logged on user decides to update their password i.e. they know the current password. The following need consider Remember to add the functionality in the first place as it is good practise Make sure the pages and responses¬†are over HTTPS The user should have to enter their original […]