How to make sure those Mother’s-Maiden-Name “security” questions are really secure
Even if you only read the newspapers you’re probably aware that usernames and passwords aren’t very secure from determined hackers. Turns out those “security” questions they ask can be even less secure — in some cases while your passwords are encrypted your answers may be stored in plain text! How is this a problem?
How is it not?!?!
You know how if you use the same password hackers who uncover account information for one service, say, Facebook, will try the same password on, say, Twitter. Or, oh, say, your bank?
Guess what? Chances are you’ve only got one mother, and chances are her maiden name hasn’t changed. Same with your first phone number, the first town you went to, where you went to college or… anything else that makes it easier for identity thieves to uncover even more information about you. Even off-line information “Hi Mrs. So-and-so, remember me? I your son used to be my best friend? Remember our dog’s name was such-and-such? I wonder if you could send me…”
So just so you know, treat those security questions the same way you treat passwords: make something up! If you’ve got a password manager like 1Password, Dashlane, or LastPass, make those security answers arbitrarily complicated and add them as notes.