Which authentication practice is preferred for onboarding rather than security questions?

Study for the User Account Management Test.

Multiple Choice

Which authentication practice is preferred for onboarding rather than security questions?

Explanation:
Onboarding should verify identity with strong methods, not rely on static questions. Multi-factor authentication provides a much stronger safeguard by requiring two or more independent proofs of identity, such as something the user knows (a password) plus something the user has (an authenticator code from an app or a hardware key), or even a biometric factor. This layered approach means that even if a password is compromised, an attacker still needs the second factor to gain access, which dramatically reduces the risk of unauthorized onboarding.

Relying on device-based authentication alone can be risky because devices can be lost, stolen, or impersonated, and they may not prove the user’s identity in a robust way. Password-only authentication is vulnerable to phishing, credential stuffing, and reuse across sites, offering little protection. Security questions, while sometimes used, are a weak form of authentication since answers can often be guessed, researched online, or stolen, and they don’t provide the same assurance as contemporary multi-factor methods.

Therefore, the best practice for onboarding is to use multi-factor authentication with a supported factor, reserving security questions only as a supplementary control if at all, and only in conjunction with stronger methods.
