Who Developed this Site?

My name is Garry Scoville. I’m a product management, digital strategy leader focusing on digital products such as websites, web applications, and mobile apps. I love clean, intuitive, well-functioning websites. I have registered at many sites where I experienced frustration when resetting passwords. I run several websites under the business Kwista LLC.

I have considerable experience designing website login and registration pages and applications, and overseeing the user experience. However, I am not a security expert. Please read the disclaimer.

Why I Built this Site

I’ve registered at many websites noticed how bad most security questions were and still are bad. The clincher was when my bank website implemented sign-in security questions which were mostly bad. Not too long after, I attempted to sign-in to my bank, forgot the password, and could not correctly answer the bad questions. Of course, it was Friday afternoon, and couldn’t get access until Monday when I called the bank.

I realized that someone should recommend to website developers some better security questions. Well here they are. I hope you find useful questions here.


There are NO GOOD security questions; there are only fair or bad questions. Why? Security questions present an opportunity for unauthorized access. You use security questions at the risk of breaching sensitive information. Even those questions listed as good or rated high do not ensure a secure authentication or password reset attempt.  You use security questions at your own risk.

This website is not intended to provide authoritative or expert advice for securing and protecting website access. This is simply my experience and observations. If you want expert advice to develop security questions, you should seek a qualified security expert or professional.

Terms of Use

By using this website, you agree to this terms of use.

The Good Security Questions Full List is available only through a purchase transaction. Once purchased, the Full List may be used by the individual or entity that made the transaction. The Good Security Questions Full List spreadsheet and links may not be distributed or shared with any other person or group. If you have not purchased the Full List through this website, you are not authorized to view the spreadsheet or use the information from the spreadsheet.

Furthermore, you recognize that security questions are not secure and instead present a vulnerability from an attack. You agree to use security questions at your own risk of security breach or unauthorized access.

License to Use

Creative Commons License
This website and content within is licensed under a Creative Commons Attribution 3.0 United States License. The following conditions apply:

  • Security questions listed on this site, reset process, and user instructions: You may freely use, modify, and distribute the security questions and the user instructions without giving credit to this website.
  • The Good Security Questions Full List is licensed to use only after making the purchase transaction. You may not use this information without purchase.
  • You may not share or distribute the Good Security Questions Full List information.
  • Website Content: the website content may be copied and distributed if the website URL is included.
  • Website: the website in entirety, may not be copied or reproduced in any form.