Caution Around Answering “Security Questions” Accurately

A post by Brian Krebs on his site, https://krebsonsecurity.com, prompted me to write up a post as well.
He accurately recommends not answering those social networking questionnaires that ask for things like “What was your first car?” or “What was your favorite teacher’s name?” with accurate (or even ANY) details. I’m sure for many people it’s already too late, so there is an alternative: go back to any site where you did answer these common questions, & change the answers to something else, e.g. the answer to a different question, or just garbage text. See below for an example:

What is the name of your favorite band?
New York Yankees
-OR-
Up)43!z*mP9*KXe!dChC*XLP4(mKAX)z (A random password, generated from DuckDuckGo: password 32 strong)

While the second answer may be a bit of overkill, if you are using a password manager, it’s not that hard to just make note of the Security Question answer if needed in the future.
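To generate the "garbage text" style of answer locally for several accounts at once, here is an added example (not from the original post or from Krebs). It gives every site and question its own 32-character random answer and formats the results as lines for a password manager entry's notes. The site names, the alphabet and the function names are assumptions made for illustration.

```python
import math
import secrets
import string

# Assumed alphabet: letters, digits and a few symbols, in the style of the sample above.
ALPHABET = string.ascii_letters + string.digits + "!*()"

def random_answer(length=32, alphabet=ALPHABET):
    """Return one answer drawn from the OS CSPRNG via the secrets module."""
    return "".join(secrets.choice(alphabet) for _ in range(length))

def entropy_bits(length=32, alphabet=ALPHABET):
    """Bits of entropy in a uniformly random answer of this length."""
    return length * math.log2(len(set(alphabet)))

def answers_for(accounts, length=32):
    """Give every (site, question) pair its own independent answer.

    accounts: dict mapping a site name to a list of question strings.
    The same question on two sites gets two different answers, so an
    answer leaked from one site is useless on another.
    """
    out, used = {}, set()
    for site, questions in accounts.items():
        for question in questions:
            answer = random_answer(length)
            while answer in used:  # a repeat is astronomically unlikely, but cheap to rule out
                answer = random_answer(length)
            used.add(answer)
            out[(site, question)] = answer
    return out

def as_notes(answers):
    """Format answers as 'site | question | answer' lines for an entry's notes field."""
    return "\n".join(f"{s} | {q} | {a}" for (s, q), a in sorted(answers.items()))

# Constructed sample input: hypothetical sites and questions.
SAMPLE = {
    "example-bank": ["What was your first car?",
                     "What is the name of your favorite band?"],
    "example-mail": ["What was your first car?"],
}

if __name__ == "__main__":
    print(f"{entropy_bits():.0f} bits of entropy per answer")
    print(as_notes(answers_for(SAMPLE)))
```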

I think I may have already posted about Password Manager options, but it’s possibly time to take another look at what’s out there, & write up some of the ones that stand out to me. I started with Dashlane, but have since moved to KeePass (specifically KeePassXC) due to the number of recent breaches of various companies. Using KeePass puts me in control of where I store my password databases.

Source: Krebs on Security: Don’t Give Away Historic Details About Yourself
