I think that this would work very well; however, the lazy side of me doesn't want to have to check my phone for a randomly generated password each time. I think it would work better if it randomly picked one those verification questions (Where were you born? What is the first name of your best friend?) but it cycled through each time so that it was never the same question twice in a row. That way if someone stole the information, they could not log in until you had logged in another 4 times separately.
Correct me if there is anything wrong with this idea please.
English
-
[quote]the lazy side of me doesn't want to have to check my phone for a randomly generated password each time[/quote] You don't. You can actualy set up your device to not ask for codes as long as you're active at least once every 30 days. Meaning if you always check online everyday, you won't have to use a code unless you use a [i]different[/i] computer. [quote] I think it would work better if it randomly picked one those verification questions (Where were you born? [/quote] Not up to me, but that means you have a fixed pool of answers. How many question will the be possible? 5/6? Once a user gets access to all your questions, it won't matter which one it generates because they could answer all of them. With this, there isn't a fixed variable. You literally have hundreds of thousand if not millions of combinations that are generated for you. Even if you had a friend looking over your shoulder looking at you type in your code, it wouldn't matter, because when they enter your information, they need a brand new code from your phone.