Password security tip - use fake information

Discussion in 'Email Discussions' started by THERESA, Mar 5, 2013.

  1. THERESA

    THERESA Customer Service Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    884
    Likes Received:
    11
    Many web sites have a link for "forgot my password" and all you have to do is answer a few questions to get logged in.

    Warning! It could also be abused and let someone that knows you well into your account. :eek:

    Use fake answers to avoid having someone who knows your "secret" answers from filling in the forms and hacking into your account.

    If you answer those silly status based questions on Facebook you could be giving out the answers in normal conversation without even realizing you are doing it. Where was your first job? What street did you grow up on?

    I have a list of false answers for all of these questions and even picked a town that I would easily remember to give for my "current" zip code where I have never lived. (yahoo asks for your zip code)

    If you have your accounts set up with the correct answers, please take a few minutes to make up your own set of false answers that will be easy for you to remember. You could use one of your favorite places to vacation for the zip code. Log into all of your accounts and change all of your answers today! Also make sure you save your answers in a safe place since you probably won't remember them since they aren't true. :)
     


    Last edited: Nov 18, 2013
  2. peviha

    peviha Valued Member

    Joined:
    Jan 20, 2013
    Messages:
    53
    Likes Received:
    0
    That's good advice. You can take it a step further and easily generate a false online identity here: Generate a Random Name - Fake Name Generator

    This identity is completely made up and gives you all the (false) information you could ever want to put in as answers to a "secret question".

    Print it out, and you'll never have to remember the answer to a security question again, while even those who know you well will have no idea what the correct answers are.

    -peviha
     

  3. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,994
    Likes Received:
    120
    That looks like it could be useful.

    I hope they aren't saving the fake profiles, if someone got access to them... :cool:

    Then again, they'd only be for sites you don't care about, not for your banking sites, etc.
     
  4. THERESA

    THERESA Customer Service Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    884
    Likes Received:
    11
    I make up my own. I don't trust anyone.
     
  5. peviha

    peviha Valued Member

    Joined:
    Jan 20, 2013
    Messages:
    53
    Likes Received:
    0
    If you're not keen on the whole concept of secret questions which are really just backdoors into your accounts, use a proper strong password in the first place, and don't fill in the answer to any secret questions. If you must supply an answer, copy-paste some random gibberish from GRC's password generator page (http://www.grc.com/passwords).

    I know using strong passwords is easier said than done, but recently I find myself using KeePass (keepass.org) more and more. It's basically a password storage utility, but with a few very useful features added that I haven't seen in other password managers. Using that tool, I've changed all passwords for all sites I visit frequently (and even seldomly) to a 40-character password with upper/lower case letters, digits, and symbols.

    There are plenty of other options out there, of course, but I like having a desktop application that I can bring up with a shortcut key instead of having to scramble through a web interface.

    -peviha
     
  6. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,994
    Likes Received:
    120
    I've used this site for a long time to make my random passwords. I tend to use it more for "changeme" style passwords when I've giving out a password I'm expecting the recipient to change, but they end up with a decent password much better than changeme if they don't go back and change it.
     

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.
Loading...