Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | Quell Pain Relief Review | Best TVs Under $500 | Complete Guide to Facebook Privacy

Use It

author photo

Why You Should Lie When Setting Up Password Security Questions

by on April 13, 2018
in Privacy, Computers and Software, Computer Safety & Support, Tips & How-Tos, Shopping, Tech 101 :: 2 comments

When you set up a new online account the website often will ask you to answer security questions so if the company needs to verify your identity, you can input the right answer to prove you’re you. For example, these probably sound familiar: “What is your mother’s maiden name?” or “In what city were you born?”

No doubt you’ve answered these kinds of online security questions, but really, there’s nothing secure about such generic queries. That’s because someone who wants access to your account could easily do some Internet research to dig up the answers.

So, what’s the best way to keep bad guys from finding out (or guessing) your security question answers?

Your best bet is to lie, especially on websites that only offer generic security questions and don’t let you customize your own questions.

But what’s the best way to remember your false answers?

Use a password manager that also lets you store notes securely. We like Dashlane (free for one device for Mac, Windows, iOS and Android, or $39.99 for multiple devices). The app doesn’t care what kinds of accounts and information you put in there, so you could create an entry titled “Security Question False Answer #1,” and so on, for as many bogus answers you need to remember.

An even better option, and one that many websites offer is to create your own custom questions. 

Think of little-known facts that unique to you, significant private moments that represent a milestone or warm memory—things that you have not posted on your Facebook page, or shared with others by way of quizzes on social media sites. 

If you think about it, coming up with these unique questions and answers simply takes a stroll down memory lane. For example, you might use the question, "What food caused your first bout of food poisoning?"

You want to have an extremely limited universe of people who would have any knowledge of things, events, or people that are special to you. Your age, your birth date, your mother's maiden name, your favorite color, your first pet's name, your engagement or wedding dates are often all easily found online.

The best way to keep strangers from finding out your personal information is to not make it public. Limit the information and events you share on social media sites and make sure you change your privacy settings on Facebook and other sites so the posts you do share can only be seen by friends and family. 

[Image credit: secure data concept via BigStockPhoto]



Discussion loading

gravatar

Forgotten Answers

From Tony on April 19, 2018 :: 8:37 pm

Interesting article, but so often people forget the false answers they give to these security questions. Then they fail a password reset challenge, and ultimately lose access to an important account. 

Some sites have actually moved away from the use of Secret Questions and many now prefer to offer various forms of 2 Step Verification.  This requires you to have your mobile phone available to receive SMS codes for verification purposes. It is not usually expected that someone else would have your phone, just as no one else would have your fingerprint.

Reply

avatar

I agree

From Josh Kirschner on April 20, 2018 :: 9:31 am

Hi Tony,

Yes, lying has its pitfalls, too. But it may still be better, in many cases, than using true answers for security questions that are all too easy to guess.

I was recently helping someone setup online banking and was shocked by the inane “security” questions asked by her bank (part of the Wintrust Community Bank company). Each could be easily guessed by anyone just by looking at that person’s Facebook or LinkedIn account, or how has even a casual relationship with them (e.g.):
- Q1: What city did you live in in 1971?
- What county is Main Street in? (well-known street in person’s current city), etc.

The worst security questions I’ve seen in recent memory, and these were from a bank!

2-step verification is far better but, unfortunately, not everyone offers it and it also can be breached. We recently covered a phone porting scam that has affected many of our readers. It allows hackers to switch your phone account so the hacker can intercept those SMS confirmations. By the time you know what’s up, your bank account has already been cleared out.

We still have a long way to go when it comes to ensuring online security…

Reply

© Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

site design: Juxtaprose