You can use any challenge question you like. However, you must remember that your recipient will need to be able to answer this question before they will be permitted to open the email that you are sending. Your challenge question MUST therefore be something that your recipient will either know or something that you have agreed on in advance.
We suggest that you don’t use anything which can be easily 'socially engineered' e.g., a piece of information about your recipient that might easily be discovered in a Facebook or LinkedIn profile such as a child's or a pet's name.
Business users might wish to consider the use of a suitable 'customer id’ or agreed ‘password’ that is recorded against the client record in a CRM system.
If you're using Read Without Email Verification then the importance of the challenge question and answer increases as it's all that prevents someone from reading your message.
If you have the recipient's mobile number, then you can use that instead. Mailock will send a code to their phone which they enter to open the message. Just choose 'Send authentication code via text message' on the challenge screen.
The recipient of your secure email will be allowed five attempts to answer the challenge. After five failed attempts, the email will be set to 'revoked' and you will be notified of the revocation. For more details, click here.