Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
This is slightly off PHP, but does anyone have a decent list of standard questions to ask a customer, that is personal, but not necessarily a password type answer.
An example would be "Mother's Maiden Name" - but as this is easy to look up, we were trying to think of some non-objective ones, but something more subjective (assuming I've got my ob & sub the right way round )
I'd agree with you all, however, there are various draw backs to various things!
In terms of using personal details (mother's maiden name/father's middle name etc), these are fairly easy to find nowadays.
With regards to linking directly to an email address, again that is not necessarily completely secure - but what is! But, as this is part of a system to allow users to reset their password for their email account, sending it to an email address isn't really gonna work!
We're also trying to get away from users setting their own questions, as some users put things that are particularly blue - and when they ring up our support desk, it makes things somewhat interesting, and indeed embarassing when you have to ask a customer what their favourite body part is (and that's just a minor one)!
So, I think we're gonna stick with the favourite x, but also get more details off them, possibly using postcode, date of birth etc.
Lol, I'm sure that they would give it to you
Services like Google do let you choose a question, common questions are:
Mother's Maiden Name
Frequent Flyer Number
First Phone Number
Pet's Name
Just to name a few...