How to change security question/answer pair

[Boroondas Gupte]

I do know the password to my account, so I can log in. However I've forgotten the answer I chose for the security question at sign up. For the case I should forget my password, can I set a new security question and answer which I will remember? If so, how?

[Boroondas Gupte]

Boroondas.Gupte wrote:

For the case I should forget my password, can I set a new security question

Ooops, this is probably unclear. I mean, "Can I set a new security question now, to be prepared for the case that I might forget my password later?". (Being able to (re)set the security question without loggin in of course wouldn't make a lot of sense, security wise)

[MadamG Zagato]

I don't remember ever having created a security question lol .  There doesn't appear to be any way of changing it from the account pages.  Only your password, email address, and billing information can be changed.

[Boroondas Gupte]

MadamG.Zagato wrote:

 

There doesn't appear to be any way of changing it from the account pages.  Only your password, email address, and billing information can be changed.

Because nobody else answered and because I can't find any way to do it, either (that's why I asked), I'll just assume this is correct.

MadamG.Zagato wrote:

 

I don't remember ever having created a security question lol .

It's still on the form: https://join.secondlife.com/

 

If you weren't asked to set one, I guess you've subscribed via a third party using LL's RegAPI, like e.g. http://slregapi.com/mainframe/register.php

 

This is another reason why it'd be good to be able to (re)set the question and answer later, so I'll probably file a feature request about this.

[Boroondas Gupte]

Boroondas.Gupte wrote:

 

so I'll probably file a feature request about this.

Done: WEB-1171

[Itazura Radio]

The whole point of a security question is it is something only you would (or should) know so if something happens and you need to prove your account really is yours you can do that. You would need that in case someone, say... steals your password. If they make it possible to log in with your password and change it that sort of defeats the purpose doesn't it?

 

I had a friend who had his account stolen that way. They guessed his password, changed his email and logged into his account. He had to call Linden Lab to prove his identity to get it back. The way you do that is with the security question.

 

If you don't have one I imagine you can contact them and set one up, but frankly if you made an account and used bogus info you don't remember and don't remember the security question either you're going to have a problem I think.

[Boroondas Gupte]

I was thinking more of an password forgotten scenario than of compromised accounts. I'm not yet sure whether it's a major flaw that the same information is used for simple password retrieval and to prove that one's the rightful owner of a potentially compromised account.

 

The choice of questions is quite limited and most of them have answers easy to guess (or even know) for people knowing you in real life. So for some, the only save option might be to provide a bogus answer.

[Itazura Radio]

If you're going to give a bogus answer then make it a bogus answer you'll remember.

[DonRojo3]

Are you guys/girls all daft. It is a simple I like to change my password, but in this case my security question, question. 

And just like any other time somebody wants to  change there password, there might be good reasons for wanting to  do that.

Don't make the question more complex than it is. 

The only difference this time is that you want to change the "password", because you have forgotten the "password. Normally that is where the security question comes in. But this time somebody remembers the original password. (which right now would function as the security question). You could argue that the security question has an extra layer of security. But since the security questions  are usually unusuable low security,....why pretend there is security there is not? In fact it is laughable. Don't make up a stupid easy password...WE will just do that for you in the security question . Welcome to the insanity of the world!

Ah well. I figure it is going to take me ages to figure out how  to change my security question here, since I got a typo in it. Haven't we invented the famous type your password 2x method of selecting a new password. And a security question is a password  in itself! Not a good first impression 2nd life.