This content has been marked as final. Show 4 replies
I like it, but then I'm a security guru.
The safety and usefulness is arguable both ways - an attentive user will give solid answers to their questions in a way which is not easily guessed, an inattentive user will give simplistic answers that are easy for a hacker to determine.
So, do you trust your users to set it up appropriately, or are they going to give the answer "Monday" to every question?
The questions are configurable though, right? So all you would need to do is construct a single highly complex question that requires the user to type a similarly complex answer. Something like... "Describe the benefits of encryption using fifteen words or less."
Your user's forgotten the password they use EVERY DAY, what chance is there of them remembering a set of answers they entered months ago? :eek:
I was looking for some additional info on how the user self-reset works, as far as "policies" go... I checked the EndPoint Encryption Admin Guide for PC but didn't find much in there. Is there a way to configure the user self-recovery policy such that x number of failed questions will result in the account disabling, or even the laptop disabling? I would love to use this feature but can't convince Security to allow it without some additional safeguards. sad