Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Answers to Security Questions
Old 08-23-2014, 08:51 AM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
TromboneAl's Avatar
 
Join Date: Jun 2006
Posts: 11,199
Answers to Security Questions

I don't like the security questions that are sometimes asked in addition to passwords.

First, I don't like them because some are too easily guessable researchable. For example, What was your first dog's name? Where were you born?

Second, I don't like them because the answer isn't always clear. Did I write Fido or fido? Did I write Chevy or chevrolet?

So, I'm considering a new policy. When asked to create some security questions/answers, I will always use one answer. For example, "This is my answer" That way, I'll always remember (I'll also record it in LastPass), and it will not be guessable.

For example: What is your favorite sports team?
This is my answer

Does anyone see any problems with that?
__________________

__________________
Al
TromboneAl is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 08-23-2014, 08:58 AM   #2
Recycles dryer sheets
 
Join Date: Nov 2012
Location: Yonder
Posts: 301
[/URL][/IMG]
__________________

__________________
tfudtuckerpucker is offline   Reply With Quote
Old 08-23-2014, 09:00 AM   #3
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
REWahoo's Avatar
 
Join Date: Jun 2002
Location: Texas Hill Country
Posts: 42,113
Quote:
Originally Posted by TromboneAl View Post
Does anyone see any problems with that?
This is my answer
__________________
Numbers is hard

When I hit 70, it hit back

Retired in 2005 at age 58, no pension
REWahoo is offline   Reply With Quote
Old 08-23-2014, 09:05 AM   #4
Recycles dryer sheets
Bram's Avatar
 
Join Date: Dec 2006
Posts: 214
Seems like a sensible thing to do...but then...
Are you going to have spaces between the words? Or not?
Will there be punctuation at the end?
Always something to tax our brains, eh?
__________________
.
.

Every step of the journey is the journey.
Bram is offline   Reply With Quote
Old 08-23-2014, 09:10 AM   #5
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
braumeister's Avatar
 
Join Date: Feb 2010
Location: Northern Kentucky
Posts: 8,606
It's definitely a good idea.
Another option, obfuscating the issue a little more, is to simply make up odd and untrue answers to the usual questions. That way, even if someone digs up your personal information and attempts to use your real answers to those questions, they will be wrong.

Example: What was the model of your first car? Beef stroganoff.

As long as you're using a password manager to keep track of them, you're fine.
Don'f forget to occasionally print out your info from the password manager and lock it away in a very secure place, just in case.
__________________
braumeister is online now   Reply With Quote
Old 08-23-2014, 09:19 AM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Jul 2006
Posts: 11,018
I have my own suite of basic passwords to which I add variations. I have one that I nickname "usual" and another is named "favourite". So I can make a note that the password for a particular purpose is "usual with the second letter capitalized and 6* at the end", or some such variation. The hardest part is coming up with complex passwords when the site will not accept anything except a specific number of alphanumeric characters with multiple punctuation marks, upper and lower case.

I like braumeister's idea about beef stroganoff!
__________________
Meadbh is offline   Reply With Quote
Old 08-23-2014, 09:25 AM   #7
Recycles dryer sheets
fosterscik's Avatar
 
Join Date: Jun 2013
Posts: 182
I do the single obscure answer on my accounts and have done so since an article appeared in a British paper ~6 months ago. I've had no problems. i favor a single long word e.g. my first pet = Gorgonzola, my mothers maiden name = Gorgonzola,... (Of course I use a different word!)
__________________
fosterscik is offline   Reply With Quote
Old 08-23-2014, 09:29 AM   #8
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
I tried one answer for all recently, and it wouldn't accept them. (Zebraskateboard, or some other non-sense combo).

But I agree it makes sense to use a non-sense answer for each, but then you need to remember or use a program or something.

-ERD50
__________________
ERD50 is online now   Reply With Quote
Old 08-23-2014, 09:33 AM   #9
Recycles dryer sheets
prudent_one's Avatar
 
Join Date: Jul 2014
Posts: 158
I also use the "one answer to all security questions" method. I use an old street address with no spaces - it gives me numbers, upper and lower case letters, and punctuation (abbreviation for St.) and so far has met requirements of all sites I use.

I felt a bit awkward when I had to give the answer to a rep on the phone who asked me one of the questions (mother's maiden name) but the rep didn't flinch at my oddball answer. They must get that a lot.
__________________
prudent_one is offline   Reply With Quote
Old 08-23-2014, 09:48 AM   #10
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
OK, this has me formulating a plan, similar (but less intense) to how I do my secure passwords.

Pick a random char group that you can remember (and write it down or store it somewhere), lets say "4sa7ya".

Q: What is your Father's middle name?
A: 4sa7yaname

Q: What city did you meet your wife?
A: 4sa7yacity


Q: What was the model of your first car?
A: 4sa7yacar

Q: What is the name of your childhood friend?

A: 4sa7yafriend

And if you get a human at some point, even if you get one wrong, like " fsasyawife" for " 4sa7yacity", I'd think they'd realize that you must be getting it 'right', who else would answer with a "4sa7ya-anything"?

Trivia Q - Why is "4sa7ya" not a good password combo?

-ERD50
__________________
ERD50 is online now   Reply With Quote
Old 08-23-2014, 10:12 AM   #11
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,891
Lincoln used it first.
__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Old 08-23-2014, 10:13 AM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
RonBoyd's Avatar
 
Join Date: Dec 2007
Location: Denver, Colorado
Posts: 5,280
I have always used a short (5-letter) word as answer to those questions. In the case of the site not accepting duplicates, a variation of that word.

An example would be "crazy" and variations "crazier" and "craziest." It has been what ten-15 years now and have never had to vary. (even typing in that last 8-character word is the limit to my patience.)

(my motivation, BTW, was the suspicion that it was too much personal data to give away willy-nilly and would be used against me someday.)
__________________
"It's tough to make predictions, especially when it involves the future." ~Attributed to many
"In theory, there is no difference between theory and practice. But, in practice, there is." ~(perhaps by) Yogi Berra
"Those who have knowledge, don't predict. Those who predict, don't have knowledge."~ Lau tzu
RonBoyd is offline   Reply With Quote
Old 08-23-2014, 10:13 AM   #13
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,890
I've resorted to saving my security questions and answers in a password manager that allows for notes.

I've used random numbers along with an answer.

For example:

Q: what's your dog's name?

A: spot 6934

But hopefully if someone took my id/password and they get challenged on the phone and say "spot" the person on the other end won't go "close enough, you are good"
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is online now   Reply With Quote
Old 08-23-2014, 10:21 AM   #14
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Chuckanut's Avatar
 
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 6,333
If they want to know the mascot of your High School don't give the real answer - "porcupines". Instead come up with something really off the wall like "dragonducks". In this way even if somebody knows what high school you attended they still won't know your answer.

Also, the thought of you sending fire breathing ducks to avenge yourself, will scare them.
__________________
The worst decisions are usually made in times of anger and impatience.
Chuckanut is online now   Reply With Quote
Old 08-23-2014, 10:37 AM   #15
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
TromboneAl's Avatar
 
Join Date: Jun 2006
Posts: 11,199
Maybe "None of your business!" would be a good answer.

I recommend Lastpass. You can make it as secure as you want, and decide whether it will log in to a particular site for you, or just store your data.

__________________
Al
TromboneAl is offline   Reply With Quote
Old 08-23-2014, 10:47 AM   #16
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,282
Quote:
Originally Posted by ERD50 View Post
...
Trivia Q - Why is "4sa7ya" not a good password combo?

-ERD50
Quote:
Originally Posted by travelover View Post
Lincoln used it first.
Ding! Ding! Ding!

A few years back, I downloaded a list of the 64,000 (65,536?) most commonly used passwords, and 4sa7ya was one of them. So now I do a find on that file when I put together my 'keys' that I combine with a short phrase for important sites. I use two keys which are the same for all my important sites, so it is easy to remember, then add a short phrase that is unique to the site. I can write down the short phrase, and I have the 'keys' committed to memory. This is simple, and I don't need to rely on anything else, a paper list is good, and I have most of the short phrases memorized by now anyhow. EZ.

I'd link to the site, but I actually had concerns that it was trap of sorts, but you can google terms like that and proceed with caution.

-ERD50
__________________
ERD50 is online now   Reply With Quote
Old 08-23-2014, 10:55 AM   #17
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Chuckanut's Avatar
 
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 6,333
FWIW, I also use two factor authentication on all financial websites that allow it. Most two factor authentication sites will allow one to designate one's home computer, ipad, phone, etc. as 'safe' so you don't always need the second factor to logon.

But, when Boris in decides to break into your account from his dacha in Babushkin, he will have another problem to overcome.
__________________
The worst decisions are usually made in times of anger and impatience.
Chuckanut is online now   Reply With Quote
Old 08-23-2014, 11:18 AM   #18
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
TromboneAl's Avatar
 
Join Date: Jun 2006
Posts: 11,199
More on LastPass:

__________________
Al
TromboneAl is offline   Reply With Quote
Old 08-23-2014, 11:25 AM   #19
Thinks s/he gets paid by the post
 
Join Date: May 2014
Posts: 2,989
Quote:
Originally Posted by ERD50 View Post
I use two keys which are the same for all my important sites, so it is easy to remember, then add a short phrase that is unique to the site. I can write down the short phrase, and I have the 'keys' committed to memory.
I do something similar. I have a file with password info, but to anyone else, "Old AT&T e-mail password" or "greekislandyy" means nothing. To me, the latter is a specific island we visited, plus the 2-digit year we were there. I like the idea of starting with a nonsense key, though. I may try that next time I have to create a password.
__________________
athena53 is offline   Reply With Quote
Old 08-23-2014, 11:59 AM   #20
Thinks s/he gets paid by the post
Katsmeow's Avatar
 
Join Date: Jul 2009
Posts: 3,399
I use Roboform to manage passwords. The master password for Roboform itself is one that I don't keep in Roboform. I do have it written down (on paper not on computer).

For passwords, I have 3 types:

For places that don't matter that much -- I have something I typically use that no one would guess, and then I add something specific to each site. A password cracker would be able to eventually get those passwords.

For important places -- Mostly I let Roboform create a random password according to the password requirements of the site. These are passwords that I don't have any clue what they are and just rely on Roboform.

For important places where I might want to access them enough that I want to actually remember the password -- I create a sentence that I will remember and then use the first letter of each word (or it could be the second letter of each word or even the last letter of each word) with some special characters thrown in. These are usually very long.
__________________

__________________
Katsmeow is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Need Trusted Source for Answers to SS Questions fredberry FIRE and Money 5 10-27-2010 01:39 PM
SWR -I thought I had all my answers bigla FIRE and Money 4 10-08-2007 06:50 PM
Male/Female Differences - Scientific Answers? Billy Other topics 39 12-04-2006 11:36 AM
Best Answers to the Standard Questions TromboneAl Other topics 20 07-27-2006 12:19 PM
Scott Burns answers financial advisor's Vanguard questions Nords FIRE and Money 19 12-04-2005 12:11 AM

 

 
All times are GMT -6. The time now is 12:22 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.