De-bloomed Porch Pup and Security Questions
by Bella Rum
It’s windy. I guess it’s windy in many places. Several of my blog buddies have mentioned it. I noticed the other day that the green flowers I put in the St. Patrick’s Day Porch Pup were gone. Who knows where the wind took them.
Yesterday, we went online to check some financial stuff, and we were asked to update our security “password reset” questions. Security reset questions are the weakest link when it comes to securing your online information. First of all, the questions are awful, and if you answer them correctly, you’re leaving yourself open. If I didn’t know better, I’d say they were designed to leave breadcrumbs for hackers.
This was one of our most important online activities, and the questions were pathetically feeble: in what hospital were you born, when is your anniversary, college you attended, mother’s birthday, mother’s maiden name, grandmother’s first name, etc. All appalling questions that at least some people you know could answer, or the answers could be found in a five-minute online search if you know where to look, and hackers do. There’s a plethora of information out there. To make matters worse, sites often save security questions less securely than passwords, so it’s easier for hackers to get to them.
I’ve read that you should never answer them correctly. One suggestion is to get a password generator to create an answer for each question. But here’s a little trick: think of a random silly phrase (how about “slimy donuts”) to write before your real answer, and a silly word (bumpkin) after your answer. The phrase and silly word never change (so you’ll remember it), but your real answer does. These are not my silly words. I thought them up just for you.
Question: What is your best childhood friend’s name?
Answer: slimy donuts Phillip bumpkin
Question: What is your birth month? (terrible question because it only has 12 possible answers)
Answer: slimy donuts September bumpkin
It may not be perfect, but it’s better than just giving the correct answer. Those questions are way too easy for hackers to find or figure out. At least my account required me to answer four awful questions as opposed to three. I guess that’s something.
Jean R of Misadventures of Widowhood went to a class taught by two geeks on how to manage passwords and create safe ones. Check it out.