Customers using the Self-Service Password Reset feature of FIM 2010 have reported some concerns that users do not answer the “security” questions seriously. They might answer “A” for all questions for example, just to get rid of being required to register for SSPR. In R2 this behaviour can be prevented!
Look at the screenshot below from FIM 2010 R2 RC released yesterday.
In the new QA gate you can force the users to not having the same answers to two questions and also define a regular expression that the answers need to satisfy.
In my opinion this will increase the number of users who will answer the questions seriously!