• Quick note - the problem with Youtube videos not embedding on the forum appears to have been fixed, thanks to ZiprHead. If you do still see problems let me know.

Stupid security questions

Anti_Hypeman

Graduate Poster
A
Joined
Jul 15, 2005
Messages
1,007
Who thought this was a good idea. Whenever I sign up for anything now I have to pick "security questions". I never get to pick the questions its a list of lame crap in a combo box.

Paypal made me choose between

My mothers maiden name
Last 4 of SSN
Last 4 of drivers liscense number

Thats it AAAHHHHH you idiots all those things are public record or easily attainable. SSN shouldnt be but in todays world anyone can get it. If you are going to do this then let me enter my own questions or use something that requires more than 10 minutes to find out.
 
You don't have to give them the real answer, so long as you can remember the answer you gave.
 
Smike-It took me about four years to work that out, and now you blurt it out to everybody! ;)

But the problem is when , three years later, you don't know your mother's maiden name. And of course, you did'nt write it down for security reasons.

I now pick text strings straight from a book, whether they make sense or not.

Now all I have to remember, is which page of which book I used. There are only a few thousand in my flat...
 
I just hope no one every collates all these security questions, if they do they'll realise I've a very large number of mothers, innumerable pets, many with strange names such as 3rt0la15 and that my mother couldn’t keep still during labour since I was apparently born in at least 6 different towns.
 
for generic forms when asked for birthdays I like testing their Y2K soltuions by giving 1/1/1899 -- hey it's possible!

for zip codes it's 20500 (the white house) or 90210.

Only time i ever got bit by entering bogus information was when i had to give the info over the phone and I had used several curse words as my answer. Fairly embarrassing curse words.
 
4 digits isn't secure enough.

I'd go for mother's maiden name, then pick an arbitrary long enough password.

How do they know your mother's maiden name isn't Axfadfijioadfhjzbfhibzojib ?
 
kevin said:
... for zip codes it's 20500 (the white house) or 90210.
Click to expand...

I looked it up. Beverly Hills. Why Beverly Hills?

I always use 10001. That's the main post office of NYC. Also easy to remember.
 
Bank lady on phone: " It's now our policy to attach a six letter password to your account details. Can you think of a six letter word?"

Me: "What me."

Bank lady: "Yes. Any six letter word."

Me: "What me."

Bank lady: "Yes.If you would. Any six letter word will do."

Me: "What, me."

Bank Lady: "Yes, if YOU could just...oh, you mean use "What me" ?"

Me: "Yes"

Bank lady: "That's two words. I don't think that would work."

Try it next time. It's fun to hear the thud as the neurons go into concept-lock.
 
Best bet with passwords is to use phrases and take the first letter of each word as the password, occasionally substituting numbers. That way you get easily remembered passes that make no sense without knowing the phrase. We use this method all the time at work when we create new accounts for people, servers, network logins, etc.

some old examples...

Bob the Builder says can you fix it!
btbscuf1

George Bush should buy us 10 beers!
gbsbu1b

A Mars a day helps you work rest and play!
amadhywrap

Now THATS security in action. :)
 
Unfortunately, since these questions are limited, I could try a couple of times to get your password reset, say, on website X if I knew your answer to a security question - because so many sites use the same questions, and your answers will usually be the same (duh) all you have to do is know your answer on site Y.

I run a few sites that require registration. If I was unscrupulous...
 
Kenny 10 Bellys said:
Best bet with passwords is to use phrases and take the first letter of each word as the password, occasionally substituting numbers. That way you get easily remembered passes that make no sense without knowing the phrase.
Click to expand...

I like it, although I like having punctuation in my passwords. For some passwords I use the entire phrase. My SSH key is locked with an 18 character phrase (anyone want to buy a vowel?)

I also wrote a random password generator for Mac OS X using AppleScript Studio.

http://www.superfantasmoworld.com/modules/mydownloads/singlefile.php?cid=4&lid=4

It lets me pick which characters to include, max times a character can appear in the password, etc.... There are several available for Windows, I use one for creating administrator passwords.


Oh and 90210 for zip codes because of that stupid show Beverly Hills, 90210. For some reason I can't get that zip code out of my head.
 
Is it realy that important to protect your account at Gamespy.com or My-little-pony fan site. I only use high security passwords for my email, bank and wherever it would cost me money if it got stolen, everything else gets the same vanilla password.
 
Soapy Sam said:
Try it next time. It's fun to hear the thud as the neurons go into concept-lock.
Click to expand...
That reminds me of one of my favorite old User Friendly comic strips (for those who aren't familiar, it's a daily comic strip set in the offices of an Internet Service Provider).

http://ars.userfriendly.org/cartoons/?id=19990814&mode=classic

I tend to create my passwords based on rhythms/patterns. I'll use a specific finger-tap pattern for numbers/special characters for part of the password, then a small nonsense word that has meaning for me (I have a habit of making up words, just because I like the sound of them), but no one else. So at least part of it is almost true-random, and they're really easy to remember.
 
kevin said:
... 90210 for zip codes because of that stupid show Beverly Hills, 90210. For some reason I can't get that zip code out of my head.
Click to expand...

TV show, I assume. I betray my ignorance as a non-watcher.

Though I am hideously conversant with the nerdy details of TV shows I watched as a kid.
 
A banking service which I used to use asked for my "favourite musical act" and "favourite place".

Since I have an eclectic musical taste I could not decide on a firm favourite which I would remember. Sure enough, I couldn't. In fact, the next time I used the service I couldn't remember my favourite place either. The operator, with a weary tone, just gave up and told me the missing words.

I don't use that banking service any more.
 
TheBoyPaj said:
In fact, the next time I used the service I couldn't remember my favourite place either. The operator, with a weary tone, just gave up and told me the missing words.

I don't use that banking service any more.
Click to expand...

I work for a major online retailer doing fraud investigation. A large part of my job is contacting banks to verify credit card details. It's disturbing how many banks' and other financial institutions' customer service people will simply give out their customers' confidential information. I've had reps start rattling the information off to me before I even had a chance to ask anything.

And these aren't little podunk banks, these are call centers for major national banks and corporations.

The Indian outsource call centers are the worst for this, and it's almost always the women, though I've had a few men do it as well.

Oh, and any of you Americans with a Sears credit card, get rid of it and cancel your account. Seriously.
 
You must log in or register to reply here.

Back
Top Bottom