We’ve been at this stage in this cyber world, where we have to surround the truth of our data with multiple levels of security, and we have to strengthen or improve those layers constantly. One of those layers is that of secure responses to those “security questions” that we are frequently required to fill out. For example, when creating an account on a website, you are often asked to provide answers to those security questions.
We’ve all heard those questions used to verify our identity:
- Where did you go to high school?
- What was the make and model of your first car?
- What was your mother’s maiden name?
- What was your pet’s name?
These questions are designed to ensure that only you can access your account if you forget your password. However, these security questions can actually be used against you.
According to Mental Floss, in 2015 hackers targeting the IRS successfully breached the security of over 700,000 households, in part because they were very successful at predicting the answers to people’s security questions based on personal information they had already obtained. Google later learned that hackers are very good at precisely guessing people’s security questions.
“What is your favorite food?” for example. Pizza? Burger? Steak? Easy to guess! Right?
That’s because hackers can often find out the answers to these questions by doing a little research on you. They might look through your social media accounts or search through your friends and family or even just observe you. If they can find the answer to even one of your security questions, they can easily find the others.
So what can you do to protect yourself?
1. Lie about your security questions
One option is to lie about your security questions. Don’t be afraid about this as we are not providing false information to any governing entity, falsifying financial records, or misrepresenting ourselves in court filings when we provide false responses to these questions. We’re answering questions so that an identity management system can recognize us. And, let’s be honest, Meta (formerly Facebook) doesn’t need to know your exact birthday. It’s purely so the site can advertise to you and send you irritating notifications and send your friend’s unasked updates telling them to say hi.
Go ahead with confidence as made-up answers will not result in a moral dilemma. It will either make you less hackable or provide some defense if you are targeted.
Of course, this isn’t a perfect solution and has its downsides. If a hacker is really determined, they might still be able to figure out your answers. And if you forget your answers, you won’t be able to access your account either! We have a solution for that as well.
2. Use a random string of characters as the answer
Instead of submitting any useful information, use a random string of characters as the answer. That way, even if a question reveals an interesting biographical detail that you’re confident a hacker won’t discover about you, you’re not disclosing answers that could be compromised in a breach. Of course, this strategy makes security answers nearly impossible to remember in comparison to true personal details, which we easily remember. That is why you should use a password manager to store not only strong randomly generated passwords, but also your security responses.
3. Use 2FA or MFA on all of your accounts
Another option is to use two-factor authentication or multi-factor authentication on all of your accounts. This adds an extra layer of security by requiring you to enter both a password and a code from your phone whenever you try to log in. That way, even if someone manages to figure out your password and security questions, they won’t be able to access your account without having your phone.
In conclusion, it is beneficial to make your security questions hard-to-guess. This is because it is impossible for someone to guess the correct answer if they do not know the truth. Additionally, by using custom questions for different accounts, you can further increase the security of your online accounts. Stay tuned to our website for more tips on how to stay secure online.