"What is your favorite food?" "What is the name of your pet?" "What is the name of your first teacher?" You must have seen some of these questions and even answered one of them when signing up for a website. These are examples of "security questions," a method used by some websites for password recovery.
Designed to be easy for account owners to remember, security questions should be difficult for others to answer. However, with the popularization of the Internet, the vast amount of information voluntarily shared on social media, and the problems caused by data breaches, some answers can be easy to guess.
Therefore, when a website prompts you to register a security question, consider these tips:
Choose questions with answers that cannot be easily guessed.
If possible, create your own security questions.
Choose answers that cannot be guessed based on publicly available information.
Nevertheless, it is recommended to configure other password recovery methods, such as an email address. Also, remember to enable two-factor authentication. This way, even if someone manages to discover or recover your password, it will not be easy for them to access your account as they will need additional forms of authentication beyond the password.
More information: https://cartilha.cert.br/fasciculos/#autenticacao (Portuguese only)
Topic suggested by Fabio Storino (https://br.linkedin.com/in/fabio-storino)
Video Description
The video begins with the question "Are you creating an account on a website?" A gray-haired man with a goatee is shown sitting in front of a computer, filling in fields on a website to create an account.
The scene changes, and the security question "What is the name of your dog?" appears on the computer screen. The man answers "Bob". Above him, the phrase "and need to answer a security question?" is displayed.
In the third scene, the man is still at the computer and remembers a post he made with his dog Bob on a social network. Then the phrase "Don’t use personal information that is public" appears. Assessing the situation, he decides to enter his dog's full name: Bob Bartholomew III.
The video ends with a thief tampering with a computer and attempting to recover the password for the man's account. He enters the name of the dog he saw on his social media profile, but the answer is incorrect. As a result, the thief cannot access the account. The final phrase is "Don’t allow your account to be stolen."
LICENÇACC BY-ND
Companies and organizations interested in participating can become partners in this initiative, adding their logo to a customized version of the videos, which can be published on their website or on other channels. Send us an e-mail parceriacidadaonarede@nic.br to request the application of your company or entity's logo to our videos.
