Friday, 29 December 2017

Cybersecurity: Use Fake Answers to Online Security Questions

The sign up processes for online banking accounts, new email addresses, or health insurance apps all involve a few extra security measures to protect the precious data inside those accounts. Unfortunately, the security questions they make you answer aren’t exactly secure. Your mother’s maiden name just won’t cut it anymore and, according to the New York Times, might cost you your credit score if someone gains access to your personal information. It’s time to strengthen your security questions to keep the bad guys out of your accounts.

Security questions ask for information about your actual life, information anyone can easily obtain either through social media or from data breaches like the recent Equifax debacle. It’s not too hard to figure out which car you drove in college, or your mother’s maiden name (it’s probably on her Facebook page). Answering truthfully isn’t the greatest idea, though you can always try a different approach before pulling out the big guns.

Just Lie—With the Help of a Password Manager

Your first car? Just write your dream car, or the car you’re planning on buying. Mother’s maiden name? Easy, just make it whatever irksome term of endearment she used to address you before asking you to get those dishes done. As long as those answers aren’t searchable, you should generate incorrect answers and keep them secure.
Of course, you want to make sure you can keep track of all the false responses you’ve concocted, and keeping your new, false responses secure means storing them with the rest of your secure data. Turn to your favorite password manager to store your security questions and answers (or generate better ones). You can create a spreadsheet for all of them, or just write your questions and bogus answers in the notes field of the corresponding site or service (assuming you already have it in your manager of choice).
For added peace of mind, you should use the password generator in your password manager to generate more varied answers compared to simply using “incorrect” responses. Fe5h&R<v1 is harder to guess than Meredith, even if both aren’t the actual name of your prom date.

No comments: