Certainly the goal is a good one, the trouble is in the implementation. This whole affair reeks of panic driven and ill considered responses to a possible threat for some clients.
Others have pointed out that the questions asked are irrelevant or require details many will have forgotten. I was in third grade about 1956, nearly 60 years ago. Suddenly I'm required to remember details from that time?
It might have been better to alpha test these changes with some people not employed at IPS.
It is certainly true that many people use the same password on multiple sites, and criminals are exploiting this, but I resent being lumped in with a bunch of foolish muggles.
I've had it with IPS. First they assumed my password here was non-unique, then they forced me to endure a series of very badly designed and extremely annoying bullfaeces steps.
Email is completely insecure, sending a new password in email is IDIOTIC.
I do not know the model of my first car which I purchased 48 years ago.
I was called very many nicknames as a child
Most of the other questions were ambiguous.
My password already was secure, and it was much more complex than the stupid sequence of digits only that now resides on my email server, waiting to be hacked.
I WILL HANDLE THE SECURITY OF MY PASSWORDS
Foirtunately because I shopped at Pwnd Depot my credit card details are about to change, and I will not be able to enter it here because I gave bullfaeces answers to the bullfaeces security questions, so IPS please note the next time you try to bill my credit card it definitely will fail, and thanks to your very, very, very badly thought out security procedures I will not be able to change it.