Security Questions and Passphrases
In this article we will discuss security questions, security passphrases and why they are important.
Please Note: The term passphrase is NOT the same as a password. If you are looking for methods on how to create secure passwords, please click here.
Security questions are an extra form of verification we use to ensure that information remains private and that any requests to make changes are in fact coming from a verified user. This prevents 3rd party people from gaining access to your account information or making changes to your site.
The downfall with pre-made questions (e.g. “What was the name of your High School?”) is that it can sometimes be very easy to find this information. Either by searching, or by social engineering. We go into more detail about social engineering in our dedicated article on the subject here.
Because of this, we recently changed the way security questions work here at Site5 when setting new questions. Rather than having pre-built questions, you now have the option of setting either your own question/answer or to use a passphrase.
What is a Passphrase?
A passphrase can be whatever you want! This is something that you set and it can be an actual password, or it can be a random phrase or words that you will remember (e.g. a memorable quote). There is no actual limit on what you can put into the text box.
Because there is no inherent “question” that people could attempt to lookup the answer for, it provides a much better means of security for your account and private information.
Why do I still have the old questions?
When we made this change, we did not want to make it an inconvenience for our customers that already have security questions setup. If you are interested in changing your security questions to the new passphrase setup, please see the following guide on the subject…