“What’s Your Mother’s Maiden Name?”

Posted

online security questionThis post originally appeared on Techlicious.

When you set up a new online account the website often will ask you to answer security questions so if the company needs to verify your identity, you can input the right answer to prove you’re you. For example, these probably sound familiar: “What is your mother’s maiden name?” or “In what city were you born?”

No doubt you’ve answered these kinds of online security questions, but really, there’s nothing secure about such generic queries. That’s because someone who wants access to your account could easily do some Internet research to dig up the answers.

So, what’s the best way to keep bad guys from finding out (or guessing) your security question answers?

According to Adam Levin, chairman and founder of IDentity Theft 911, your best bet is to lie, especially on websites that only offer generic security questions and don’t let you customize your own questions.

But what’s the best way to remember your false answers?

“You could put a schedule of security questions and lies on a password protected, encrypted thumb drive,” Levin says. “Just don’t forget the password that unlocks the thumb drive and don’t lose [it].”

Another idea: A password manager to hold your strong passwords. I have an app called MSecure ($9.99 on Google Play) on my smartphone that would work to store false answers. The app doesn’t care what kinds of accounts and information I put in there, so I might create an entry titled “Security Question False Answer #1,” and so on, for as many bogus answers I need to remember.

An even better option, and one that many websites offer, is to create your own custom questions.

“The overriding principle is to think in terms of facts that are unique to you—things that you have not posted on your Facebook page, or shared with others by way of quizzes on social media sites,” Levin says. “In life there are certain significant private moments that represent a milestone or warm memory that serve as a security question that will mean something to you but nothing to a prospective identity thief.”

If you think about it, coming up with these unique questions and answers simply takes a stroll down memory lane. For example, I might use the question, “What chore did you have to do every day after school?” Almost no one would ever guess my true answer: Milk goats. Other ideas I could come up for myself: “Who was the most impossible person with whom to have a sleepover in a tent when you were 15?” Answer: Brenda (she was crabby at 2 a.m.). Another: “What memorable food did you cook during summer school when you were 6?” Answer: Pancakes.

“The point is that you want to have an extremely limited universe of people who would have any knowledge of things, events, or people that are special to you,” Levin says. “Your age, that of your children, your birth date, your mother’s maiden name, your favorite color, your first pet’s name, your engagement or wedding dates have the potential for too much exposure.”

Another way you can keep strangers from finding out your personal information is to not make it public.

“The best way to keep security answers safe from malefactors is to not post thoughts, events, or facts on social media sites either on your wall, that of another, or participate in an quiz. Your life will not be diminished by not responding to questions posed on those websites,” Levin says.

More From Techlicious

Tools for Protecting Your Online Reputation
The Easy Way to Make Strong Passwords
How to Browse the Web Anonymously

  • http://www.facebook.com/profile.php?id=1702125 Alissa Green

    How about some realistic advice – telling us to not post in social media doesn’t work.

    • Just sayin’

      There was plenty of realistic advice in the first 12 paragraphs.