Fedora Account Change

Fabio M. Di Nitto fdinitto at redhat.com
Wed May 30 07:41:24 UTC 2012


On 5/29/2012 11:45 PM, Andre Robatino wrote:
> Kevin Fenzi <kevin at ...> writes:
> 
>> I think adding a 'security question(s)' feature would be great. 
>>
>> I would strongly suggest however that the questions and answers be free
>> form. There's little security in canned security questions that have
>> answers people can find out. ie, 'What was your high school?' 
> 
> I just use a password manager and if a site forces me to answer "security"
> questions, I put them in the Notes section using strong random passwords for the
> answers. For example
> 
> What was your high school? 48ZGrNaDQR75
> 
> I think the security questions should be optional in any case to save the
> trouble of having to make and store several strong random passwords rather than
> just one.

Or maybe have primary (company?) email and private email registered.

Instead of re-inventing a whole new chunk of code by introducing a
security question and all, simple allow 2 emails to be valid at any
given time.

Fabio


More information about the infrastructure mailing list