Hackpads are smart collaborative documents. .

Ian Maddison

101 days ago
Unfiled. Edited by Ed Horsford , Ian Maddison 101 days ago
Ed H
  • Account security questions
Services should avoid using security questions. They are often guessable or else easily forgotten by users.
Possible alternatives:
  • reset via email/sms/letter
Ian M
  • Consider interaction with two-factor authentication here (e.g. reset via SMS when SMS is in use as the second factor is bad, it defeats the point of requiring two factors).
Ed H
  • dynamic contextual questions e.g. reg plates you registered last week.
  • move to an identity-based system like Verify
  • allow colleagues to approve resets (would need careful design)
  • Multiple failed logins

Contact Support

Please check out our How-to Guide and FAQ first to see if your question is already answered! :)

If you have a feature request, please add it to this pad. Thanks!

Log in