Security Questions Customer Experience Adventure

Thought I might share an interesting customer experience story with you.

Ever notice when you have an online account, especially one with great value or importance, the website will make you use “passwords” which you are supposed to not be able to forget, i.e. security questions?

Well, I happen to have a financial asset which I access online from time-to-time. Upon accessing it one day, I was prompted to provide answers to security questions. Now, some of the questions I was not able to use, because they were null sets- for example, “Where did you get married?” “What is the name of your most recent child?” i.e. I do not have a spouse nor do I have children. Therefore I skipped over such questions and selected some different ones.

Unfortunately, I made a mistake. One of the questions was an opinion question. I made the mistake of choosing an opinion question. So, I provided the answer to it, then accessed my account.opinion

Later, I tried accessing my account and realized that I messed up. Sure, I was able to answer the question just fine the first time, however, there was a certain window of time between the first time I accessed the account and the second time. During that window, my opinion changed and I was unable to answer the security question I set up!

They gave me the option of an opinion question. My opinion changed. Therefore, I did not remember my original answer to the question and I was locked out of my account. This is a big flaw in the system. I was able to call them and get access to my account through other means on the phone and I gave the company some feedback.

So, anyone who is reading this who may create an advanced, secure website in the future: Never allow opinion questions as a a possible security question for users to access their accounts! This is one of the many problems of computer security issues that you don’t have to be a Computer Science major or an IT professional to solve.