Trion Worlds recently made a post alerting players that their MMORPG game “Rift” had transitioned away from the old subscription-based model and would now be free-to-play.
I hadn’t logged into my account for years, but I decided it might be worth checking out. After logging in, I was faced with a screen saying that — for my protection — my old security questions had been removed and I’d need to change my password due to changes in complexity rules.
First off, my original password already met the new complexity rules, so I wasn’t pleased when I was forced to change it anyway.
Next, I was greeted with the following list of Security Question choices:
I don’t even know where to begin! So I might as well just start narrowing down my options.
Favorite toy? Maybe I’m a bit of an odd-ball, but I don’t really recall having one. I was the type of kid who spent him time playing with the taking-apart of household items to see how they worked. I mean, I guess I could answer “screwdriver” for this one, but that just seems kind of odd… and I might not remember it next time.
Childhood nickname? While I didn’t have one when I was growing up, maybe the other Rift’s players might. Even so, I’m sure most of them were used to make fun of the person’s weight, acne, glasses, braces, lack of skills with the opposite-sex (or presumed skills with the same-sex), and that sort of thing. Whatever the nickname, it probably isn’t something people want listed on their account…
For the name of the place I purchased my first car, I have no idea what that even means. Like the name of the dealership? Who freakin’ remembers that sort of thing?!?!? A better question might simply have asked the make/model of the first car or maybe the year of it. At least I’d have a better chance of knowing/remembering the answer.
For the first-born and youngest child questions, I have no kids… so I obviously have no answer for that.
I guess I could choose the question about the oldest cousin, but not only does it require listing out my cousins and remembering their ages, but what about her last name? It changed when she got married. But I think she got divorced a year or two ago… So do I choose her maiden name? And, if I do, will I remember that I chose it later?
Where my mother and father met is even more obscure than the car dealership question. At least I was around when the car was bought! Seriously, though, who actually knows where their parents met?
Again, maybe I’m a bit of a weirdo, but I never named my stuffed animals when I was younger… and I certainly wouldn’t know the name of my first stuffed animal.
I also neither have any sort of name-changing ideas nor do I have anyone I’m secretly in love with. And how are these even considered security questions? Let’s say you put in the name of someone who you are secretly in love with…. Great. But what happens in a year, two years, etc. when you’ve long-since moved on? When I was younger, I’d fall for a new girl pretty much every other week (or at least it probably seemed like it to others). They might as well ask the security question of “What did you have for breakfast this morning?” The general rule of security questions is that they should be based on the past — not the present or the future.
As for the movie star, alternate universe, and fantasy names… That’s just asking way too much. It’s not cute, funny, or clever. It’s trivial, pedantic, and insulting. they also go back to my earlier point… A person’s “significant other” can change over time, which makes it a poor choice for use in a security question. Similarly, asking the first name of a movie/book character or a childhood street name isn’t specific enough… The character or street name that pops into my head today might not be the same as what I think of tomorrow.
So… that leaves me with:
Wow. Lots of options…
I guess it’s a good thing I didn’t meet my significant other at my first job, though, or I’d really be screwed. They don’t allow the same answer to be used for multiple questions (why?).
I really can’t understand why Trion — or any company, for that matter — would choose to shoot itself in the foot with such horrible security questions (and seemingly pointless rules, like those preventing shared answers).
It adds a layer of unnecessary frustration into the user experience. When people have an issue and need to talk to Trion’s customer support staff, the last thing they need to hear is, “Ok, you have confirmed your childhood nickname was ‘Four-Eyed-Fatty’, but I’m going to need your Movie Star Name before we can continue….”