Embodiments of the invention relate generally to information security, and more particularly to automatic generation and use of security questions and answers in electronic account management.
Electronic information is often accessed using security credentials such as passwords. Maintaining password security in light of increasing threats is a challenge. One common way to increase password security is to require users to select passwords having a minimum strength requirement, for example, at least 8 characters, at least one number, at least one uppercase letter, and/or at least one special character. However, methods exist that may defeat such passwords, including brute force attacks, social engineering, remote access tools (RATs) and keyloggers, phishing, and rainbow tables. An additional layer of security may be added by requiring users to select one or more security questions and answers. Security questions also allow users to recover access to accounts if a password is lost or forgotten, and help protect them against suspicious logins.