Security question

Abstract: A method includes receiving usage data associated with a user device. The usage data includes information based on at least one usage activity associated with one or more applications on the user device. The method may also include analyzing the usage data based on predetermined criteria and determining a security question and a corresponding answer based on the usage data. The security question and the corresponding answer are stored in an associated database. The method further includes providing the security question and the corresponding answer in response to a request for the security question and the corresponding answer. Access is provided to a system based on an input of the corresponding answer in response to the security question.

Abstract: Nearly all websites that maintain user-specific accounts employ passwords to verify that a user attempting to access an account is, in fact, the account holder. However, websites must still be able to identify users who can't provide their correct password, as passwords might be lost, forgotten, or stolen. In this case, users will require a form of secondary authentication to prove that they are who they say they are and regain account access. Websites can use a variety of secondary authentication. The article discusses secondary authentication mechanisms, emphasizing the importance of assembling an arsenal of mechanisms that meet users' security and reliability needs.

Abstract: A method for providing an additional layer of authentication prior to accessing a user's account even though the user's credentials have previously been verified. User accounts are often accessed via a sign-in page that verifies the user's credentials. Upon detecting a device accessing the sign-in page, an identifier associated with the device is obtained. One such type of identifier is the IP address assigned to the device. Based on the identifier, it is determined whether the device is trusted or not. Even thought the user's credentials are verified via the sign-in page, if the device is not trusted, a second authentication page is presented to the user prior to proceeding to the account. The second authentication page presents at least one security question. The security question is based on information contained in the user's account (e.g., contact information, event information, electronic messages, etc.). The user is required to correctly answer the security question in order to access the account.