Reliability of security issues as a mechanism for restoring access
https://doi.org/10.37493/2307-910X.2026.1.3
Abstract
Introduction. Under conditions of digital hyperpublicity, account-recovery methods based on a user’s “personal knowledge” become increasingly vulnerable. The mechanism of security questions, which relies on recalling autobiographical facts (a biographical code), faces a dual risk: answers can be compromised through open sources, and recall reliability can decline due to the reconstructive nature of autobiographical memory, interference, and the loss of contextual cues.
Materials and methods. An online quasi-experiment was conducted (N = 150; ages 20–45), including an assessment of digital engagement using the Digital Footprint Index and a cognitive test measuring recall of answers to 10 security questions of two types (standard and personalized). Accuracy, response time, and subjective confidence were recorded; for part of the sample, self-reports were selectively verified and a post-survey examined reasons for errors.
Results and discussion. Personalized questions were recalled worse than standard ones: lower accuracy, a higher proportion of “I don’t remember” responses, longer response times, and lower confidence; the differences were statistically significant (p < 0.001). A negative association was found between digital footprint volume and recall success (accuracy), and a positive association with response time; the effect was most pronounced for personalized questions. The post-survey indicated a significant contribution of interference and competing “versions” of memories.
Conclusion. The findings confirm systematic limitations of traditional security questions under digital openness and point to the need to shift toward more robust authentication mechanisms that incorporate contextual and behavioral user features.
About the Authors
I. V. AzarovRussian Federation
Ivan V. Azarov – Associate Professor,
1, Pushkin st., Stavropol, 355017
N. Y. Zakharchenko
Russian Federation
Nina Y. Zakharchenko – Lecturer,
1, Pushkin st., Stavropol, 355017
O. A. Sanamyan
Russian Federation
Oleg A. Sanamyan – Student,
1, Pushkin st., Stavropol, 355017
E. R. Semikolennova
Russian Federation
Elena R. Semikolennova – Student,
1, Pushkin st., Stavropol, 355017
K. A. Gediev
Russian Federation
Karim A. Gediev – student,
1, Pushkin st., Stavropol, 355017
References
1. Furnell S. The cybersecurity workforce and skills. Computers & Security. 2021;102:102130.
2. Bonneau J, Preibusch S. The password thicket: technical and market failures in human authentication on the web. In: WEIS. 2010. Available from: https://jbonneau.com/ [Accessed 15 Jan 2026].
3. Schechter S, Brush AJB, Egelman S. It's no secret. Measuring the security and reliability of authentication via "secret" questions. In: 2009 30th IEEE Symposium on Security and Privacy. 2009. Available from: https://ieeexplore.ieee.org/abstract/document/5207657 [Accessed 15 Jan 2026].
4. Nelson K, Fivush R. The emergence of autobiographical memory: a social cultural developmental theory. Psychological Review. 2004;111(2):486-511.
5. Benjamin G. Privacy as a cultural phenomenon. Journal of Media Critiques. 2017. Available from: Available from: https://www.ceeol.com/search/article-detail?id=697052 [Accessed 15 Jan 2026].
6. Marwick AE, Boyd D. Networked privacy: How teenagers negotiate context in social media. New Media & Society. 2014;16(7):1051-1067.
7. Van Dijck J. 'You have one identity': performing the self on Facebook and LinkedIn. Media, Culture & Society. 2013;35(2):199-215.
8. Acquisti A, Gross R. Imagined communities: Awareness, information sharing, and privacy on the Facebook. In: Privacy Enhancing Technologies. 2006. P. 36-58. Available from: https://link.springer.com/chapter/10.1007/11957454_3 [Accessed 15 Jan 2026].
9. Wegner DM, Ward AF. The internet has become the external hard drive for our memories. Scientific American. 2013;309(6):58-61.
10. Tulving E. Episodic memory: From mind to brain. Annual Review of Psychology. 2002;53:1-25. Available from: https://www.annualreviews.org/content/journals/10.1146/annurev.psych.53.100901.135114 [Accessed 15 Jan 2026].
11. Conway MA, Pleydell-Pearce CW. The construction of autobiographical memories in the self-memory system. Psychological Review. 2000;107(2):261-288.
12. Sparrow B, Liu J, Wegner DM. Google effects on memory: Cognitive consequences of having information at our fingertips. Science. 2011;333(6043):776-778.
13. Hardt O, Nader K, Nadel L. Decay happens: the role of active forgetting in memory. Trends in Cognitive Sciences. 2013;17(3):111-120.
14. Anderson MC, Neely JH. Interference and inhibition in memory retrieval. Memory. 1996;2:237-313.
15. Ozdes A, Karaman F. Remembering in the digital world: Autobiographical memory in social media. Psikiyatride Güncel Yaklaşımlar. 2023. Available from: https://dergipark.org.tr/en/pub/pgy/article/1122227 [Accessed 15 Jan 2026].
16. Schechter S, Brush AJ, Egelman S. It's no secret: Measuring the security and reliability of authentication via "secret" questions. In: IEEE Symposium on Security and Privacy. 2009. Available from: https://ieeexplore.ieee.org/abstract/document/5207657 [Accessed 15 Jan 2026].
17. Yan J, Blackwell A, Anderson R, Grant A. Password memorability and security: Empirical results. IEEE Security & Privacy. 2004;2(5):25-31.
18. Forget A, Chiasson S, Biddle R. User-centred authentication feature framework. Information & Computer Security. 2015;23(5):497-515.
19. Lynch MP. The internet of us: Knowing more and understanding less in the age of big data. New York: W. W. Norton & Company, 2016. 352 p.
20. Stajano F. Pico: No more passwords! In: Security Protocols XIX. 2011. P. 49-81. Available from: https://link.springer.com/chapter/10.1007/978-3-642-25867-1_6 [Accessed 15 Jan 2026].
21. Weinshall D. Cognitive authentication schemes safe against spyware. In: IEEE Symposium on Security and Privacy. 2006. Available from: https://ieeexplore.ieee.org/abstract/document/1624019 [Accessed 15 Jan 2026].
Review
For citations:
Azarov I.V., Zakharchenko N.Y., Sanamyan O.A., Semikolennova E.R., Gediev K.A. Reliability of security issues as a mechanism for restoring access. Modern Science and Innovations. 2026;(1):46-54. (In Russ.) https://doi.org/10.37493/2307-910X.2026.1.3
JATS XML















