When we create an account on a platform, website or online service, we always have the obligation to configure the password that only we will know and that will give us access to our private profile. Often on many websites there is a secondary method of reinforcement in the form of security questions with answers that again only we need to know.
From the dog’s name, to the school where we study, to our favorite movie or book or to the first car we had, answering correctly is essential in cases where we have forgotten the password or need to change it, otherwise we will no longer be able to access our account.
Things to avoid when using security questions
How many times have we faced the classic safety question about the name of our favorite character or the first car we owned, but Frodo is a very popular name and an Opel is a brand that millions of users have owned.
The problem arises from the fact that the answers may be personal, but at the same time they are common, too common, like our mother’s maiden name or the first school we studied at. Not difficult to detect, since a hacker who wants to enter our account can check our social networks or public profiles on other websites.
How do we solve it? Obviously it requires our commitment and not to rely on the first obvious and trivial answer that comes to mind. If the security questions are pre-set and are also very specific, how do you answer something a hacker can’t find out?
So if for example we have to answer What is your favorite actor ?, it will not be the same if we put “Benedict Cumberbatch” over “N0strad4mus” or something more unusual, such as a “What a stupid question”.
Such an illogical and alphanumeric answer, perhaps to be kept in a drawer or near the PC so that a family member can easily access it if we are away from home, or even in a digital note inside the mobile phone, can save their account .
Yes, it takes a little more effort, but remember that this is no longer the innocent era of Internet 1.0, where the words “malware”, “hack” or “DDoS” sounded unfamiliar to us and with a single password we entered everywhere, from MSN Messenger on MySpace. Today the security breaches and fake emails asking us to change the password because our Dropbox, eBay, PlayStation Network, etc. account. has been violated, they are on the agenda.
Fortunately, there are sites that allow you to create your own custom security questions, which gives us more control over the answers. It’s not the same as saying “What is the name of your first teacher” rather than “What is the name of the teacher who caught you cheating at an exam?”.
Indeed, the latter is ideal, because your answer does not necessarily imply a name, since we can put the answer “I’ve never cheated on an exam”. Same with other questions like “What is the name of the city you got lost in?” or “What is the name of the person whose middle name is Maria?”
Creative and unexpected answers to specific questions, or if we have the possibility, similar questions but at the same time different from the usual ones and with equally creative and unexpected answers.
These are the keys to having at least a little more security and knowing that only we have the information necessary to respond.