ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel
  • »
  • Technology»
  • Internet & the Web»
  • Viruses, Spyware & Internet Security

How To Pick Smart Answers To Your Security Questions

Updated on August 19, 2015

By Rachael O'Halloran

Published September 8, 2014

This article will discuss suggestions for answers to password security questions and identity verification security questions, which serve different purposes.

Materials Required To Benefit From This Article

  • Pen
  • Notebook from the Dollar Store
  • An Open Mind
  • Common Sense
  • A Sense of Humor

Are you giving a hacker the answers to your "identity" security questions?

Source

For online security questions like the ones in the above screenshot ...

Do you lie or do you tell the truth when you give the answer?

See results

Your Passwords Should Be Unique

Password Security Questions

Before I get into how to pick your security questions and answers, I want to get a little housekeeping out of the way and discuss how easy it is for a hacker to learn your password just from your Password Reminder Question.

This question is not the same as your Identity Verification Security Question that verifies your identity. That is a separate screen and usually a different question - or it should be.

Some of this has been covered in my other article about How To Create The Best Passwords Hackers Hate but in case you haven't read that one, this is a little recap.

Password Security Questions are meant to give you a clue as to what you chose as your password. The answer can't be your actual password; it should just steer you in the right direction so you'll remember what the password could be. I like to choose location password answers that have nothing to do with the question, just to tick off a hacker.

Scenario: You are on Site ABC, you already chose a password (with or without using sentence method), and you wrote it down on a page of your Notebook. Now, choose ANY security question - doesn't really matter which one - and make the answer the page number in the Notebook.

Example: Question: What is your the name of your favorite teacher?

Answer: Pagetwoin Notebook (should have a space so it looks like a real name).

Answer translation: Page Two In Notebook - On page two, you should find the password or password sentence you used for that site and the manner in which you wrote it -i.e. the sequence of letters, numbers, symbols, special characters.

If your password is easy for you to remember, then it may be easy for a hacker to get. It is best to make your password so hard that even you have to look it up each time.

  1. Always use a different password for each site.
  2. Don't reuse! Passwords should not be recycled.
  3. Never click SAVE on those "Remember Password" popups. These programs are a gold mine to a hacker.

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

If you talk, your account walks

If you comment on someone's Facebook page/wall and their settings are set to "public," you have no control. Anyone can read your comments no matter what YOUR settings are set to.

If you talk about your personal stuff - child by name, husband by name, your vacation, upcoming events, etc. - it is all public knowledge.

And you never know who is listening.

Facebook Settings

Your settings on Facebook (and most social networks) where your conversation is in the open for other people to be able to read, should always be set to either "Friends" or "Specifically to certain names." That way, anyone who is not a friend or is not listed on that "specific list" cannot read the conversation. They can't even see it.

If you have no control over the settings, it is assumed that it is all public and anything you say can and will be used against you by a hacker.

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

Your Facebook Account

You may be wondering why anyone would want to hack your Facebook account since all you do is play games, or talk to friends on your wall, their wall, in groups or chat rooms.

Well, it is not really your Facebook account that a hacker wants.

Hacking into your Facebook account is not the ultimate prize, it is the stepping stone to get to the ultimate prize.

It may be someone on your friends list he has his eye on. You are but a tool - a means to an end.

Your contact (friends) list, your sign-on email address and/or your conversation on your wall or that of your friends is all information he can use to hack other accounts or view any online activity conducted by you or the target.

Remember, even your medical records are online now, (supposedly encrypted, but we all know how that goes!), test results, pharmacy emails, and medical appointments. It is all good information to a hacker in the larger scheme of things.

What he wants is any information that will lead him to guessing your passwords or answers to security questions on all the other sites you use - banks, credit cards, email accounts, blogs, medical records - so he can access them. Once he has them, your identity is his, he can post as you, conduct business as you. He has your whole life. If he can get into your friends list, he has more targets to hack.

Of course, if you are one of those people who uses the same password for two or more accounts, or if you keep an email file with all your passwords on it, then you have helped him immensely.

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

If you set up your FB account for three attempts, that means when three attempts are made to enter a password without success, the account is locked out to the person doing the attempting! But you are not locked out because you are coming from a different IP address.

An automated email goes to whatever email account you used to sign on, and the email usually asks something inane like "Are you having trouble getting in to your Facebook account?"

A red flag should go up in your mind! Someone's trying to get into your Facebook account and it is not YOU!

Immediately sign on to your account, change the password to something different - use a different sentence - change the sentence to go backwards - anything. Then for peace of mind and possible clue to the culprit, go to SIGN ON ACTIVITY, then view the login activity section to see where the person is located who is trying to get into your account.

Usually it is not a USA city or state, but that's not to say it NEVER is. This information is just some FYI, you can't do anything with it or fix your settings so that someone signing in from Taiwan can't make another attempt.

If this EVER happens to you, you are on someone's radar and need to change your passwords more often than others and be vigilant to those pesky emails from Facebook asking you if you are having trouble getting into your account.

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

Identity Verification Security Questions

The answer to the Identity Verification Question is meant to verify and to prove to them who you are. The answer must match perfectly, so it is best that the answer be as precise as possible.

Is the answer to your Identity Verification Question so generic that a hacker could guess the answer?

  1. "In what city were you born?"
  2. "What is your favorite color?"
  3. "What is your youngest sister's name?"

As you were reading, did you answer any of those questions truthfully?

Because if you did and if you are hell bent on continuing to answer those questions truthfully, then you are not going to like the rest of this article one little bit.

Let's explore the last question - What is your youngest sister's name?

If you write that her name is Margaret and it really is, what's the matter with you???????

Do you really think the website has to know that????

No.

The website has no idea if her name is Margaret, Cinderella, Wonder Woman, or even Edith Bunker. They don't have any reason to know her name, have no way to verify it, and they don't really care.

The question is being asked so you'll provide an answer and that answer will be "the required answer." It needs to be typed in the answer box in order for them to verify the identity of the person who wants to access the account.

When "the required answer" is typed EXACTLY in the answer box, then that person will gain access to the account. If the hacker doesn't get it exactly right, he doesn't get in.

FunKY LeTTeRinG won't do here.

It is better to be more precise in the answer and leave the funky lettering to some other site that puts more emphasis on it.

If you write some crazy "totally foreign to you" type of name or combination of places or things for your sister's name ... Hooray! You have really pissed off a hacker and kept your account secure.

So ............. Lie.

Lie like a dog.

Then go write it down in your Dollar Store notebook.

Lesson learned: The secret to answering security questions is to LIE.

Get creative in how you answer. Here's another example:

Question: Where did you go on your honeymoon? (Assuming you went to Hawaii, let's use a little "misdirection.")

Answer: aminy

To gain access, a hacker has to know that your abbreviated answer of "aminy" stands for Adirondack Mountains in New York using first letter of each word.

He can keep trying "Hawaii" and other popular honeymoon places until the account is locked out. He won't get your answer if you are creative, precise, yet obscure.

Lie!

Then go write it down in your Dollar Store notebook!

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

How the 2-step verification process works

example of how Google's two step process works.
example of how Google's two step process works. | Source
Receive the text, key it in and you are set
Receive the text, key it in and you are set | Source

2-Step Verification

If you have a two step verification where a text is sent to your cellphone, it will bypass your email box. Usually security questions are not needed when you have enabled a two-step verification process.

If you don't have a cell phone, you can get a regular phone call where a voice speaks the code to you.

There is no reason to NOT have this level of security. If a site offers it, take it.

Examples Of Challenging Identity Verification Security Questions

What was the happiest day of your life?

  • The older you are, the harder this answer is to guess. lol

Give a very obscure answer:

  • Notebook page four
  • Pick the occasion, make a sentence, then choose ONLY the first letter of each word and add a year for good measure onto the end or the beginning

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

You have to think like a hacker and then do the opposite. He's trusting that you will tell the truth. Don't.

What is your favorite color?

I absolutely LOVE this question because I can get so much mileage out of the answers.

If your favorite color is purple, for example, don't write purple. Be exact in the color of purple. Magentapurple, Jazzberry, Deepviolet. Here's a link to all kinds of colors of purple. Choose a purple that has two words, then run them together as I have done. The longer the word, the harder to guess. Don't be afraid to spell them wrong!

If your favorite color is blue, choose a specific color of blue. Morninggloryblue, Cornflowerblue, Bleudefrance, cadetblue, celestialblue. Here's a link to all kinds of colors of blue. Spell them right, spell them wrong, combine a couple together.

I think you can see how the answers to your favorite color question can be changed so that you almost never have to change the question.

Another common question asks your favorite flavor of ice cream. The hacker is looking for an ice cream flavor, so pick a color instead. Choose an obscure color off the charts at the site linked above.

Write it down in your Dollar Store notebook!

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

More Ideas

Where did you go to high school?

Instead of giving the name of an actual school, give an intersection address of any high school in your town or the next town. Or give your school colors or your kid's school colors.

  • Example: "At Fourth Street and Franklin Boulevard" for the shortened version of At 4th Street and Franklin Blvd that a hacker will use because he is too much in a hurry. Always go long, you aren't crunched for time like a hacker is. lol
  • "Katholic" for Catholic, "High Sch" for High School - be misleading by misspelling.
  • Burgundyandgold for school colors - all run together as if it was a name of a school

What is the name of the first street you lived on?

I always pick a street in a beautiful neighborhood that I never lived in and then I spell it the wrong way, the short way, the long way or backwards.

  • Example: "Secoya Hylands Boulevard" for Sequoia Highland Blvd. OR spell it backwards like this: ayoces sdnalyh draveluoub
  • Use up all the space in the box they give you - 32 characters or more
  • I used to use "One PoLiCe pLaZa" or "Una polizia Plaza " but they won't accept those anymore because hackers have guessed them to death.

What is your mother's maiden name?

If you actually write down her maiden name, you deserve to be hacked. (joke)

  • Don't write the words "mother" or "maiden" - hackers try them first.
  • Pick your favorite food, dessert, sport. Capitalize it so it looks like a Proper name. (Examples - Chicken, Gumbo, Tiramsu, Trifle, Ambrosia, Angelfoodcake, Volleyball, Bobsledder)

Write it down in your Dollar Store notebook!

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

Yahoo's Examples On Video

In the first place, Yahoo wants you to keep it real and answer truthfully with correct spelling. Here's why I think that is a bad idea as well as some of their question choices:

At the 0:52 mark on the video, Yahoo's choice of question: In which city did you study abroad?

This can be a good question for some people, especially those who never studied abroad! But if you actually did take a degree abroad, chances are the school is public record, you are listing the degree and where you got it on your resume on professional sites, like LinkedIn, for example. If you have a professional website where you list your credentials, this is a no-brainer. So, no, I don't think this is a very safe question.

At the 1:11 mark on the video, Yahoo's choice of question: Where did you go on your last vacation?

This is probably one of the worst questions to use as a security question because nearly everyone takes photos on vacation and the likelihood of them being online somewhere, if not in an email to someone, is very high.

When you come home from vacation, you want to post them on your website, Facebook page or send by email to friends or family. You may even talk about it on social media because you are still excited about the vacation. It takes one slip up about this and your security question and answer is blown.

Real Spelling

Where it says in the video to use "real spellings" so you'll remember the security answer, I beg to differ.

If you purposely spell it incorrectly or get creative with spelling, add a number, it makes it that much harder for a hacker to guess.

Remember, it has to match exactly. If you spell it wrong, the hacker has to spell it wrong too!

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

Stop the video at 0:49 and take a closer look at the security questions they give to choose.

  • Who was your date on prom night? Not a bad question -Better, if thename is spelled wrong
  • Where did you spend your honeymoon? Choose a sentence, then 1st letter of each word
  • Where did you meet your spouse? If it was a city, and especially if it is your present city, it is probably already on social media. If you say BLIND DATE and that is common knowledge, this is not a great security question. Better to choose something like: At Maria's house, or At a convention
  • What is your oldest cousin's name? This is a good question -but instead of including the first, middle, maiden and last names, I'd rather pick a nickname. Fat Brucethe Blimp, Twiqqy Jeanthe Stick (Change the G's to Q's)- Make it as hard as possible to guess but write it down so you have it.
  • What is your oldest child's nickname? Never a good question, especially if he/she has their own Facebook account and uses the name with their friends
  • Name of oldest niece, nephew, favorite aunt, uncle? - all good, but not if you use their real first name, nickname and middle name. Use 3 "words" but never use a maiden or last name. Example: Aunt Alice's son, Uncle Norman's daughter.
  • What town was your father (mother) born in? No way, too big a possibility of being public record

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

Public vs. Private Email Account

Never post your primary email address in public - on a website, Facebook page, in chat rooms, groups, in comments - for people to contact you.

Your primary email address is the private one that has your day to day life in it - for example: business with mail order companies, pharmacy pickup notifications, online payment receipts, credit card statements, bank business, mortgage receipts, any company billing statements, etc.

Instead, always keep at least one backup email address as a secondary email account that is only for your online life - blog comments, HubPages comments or notifications, Facebook groups, playing games, receiving coupons and game bonus offers, etc.

Post that one for people to contact you. If it gets hacked, which is so common now more than ever, at least your financial and private information will be safe in the other account.

Treat the strength of your email account password like it is guarding Fort Knox.

Think about it ... all your important stuff is in there - your communications with your banks, credit cards, sites you do business with, confirmation emails from sites you signed up with - all of these things are what a hacker needs to know so he can start on his merry way going to those sites to hack your password and then get inside the accounts.

Even if you don't think you have anything a hacker would want, you have information that you didn't know you had. Your contact list.

He may not care what stores you shopped at, but your contact list might give him a great choice of friends who do far more on the internet than you do, and who have much more money in the bank than you. And that might be his pot of gold with you being the stepping stone.

Because hackers are guessing the answers, you have to start getting more than just a little creative picking questions and precisely worded answers.

~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*~~*

Now, go out there and be the best damn liar you can be.

Then go write down your answers in your Dollar Store notebook.



© Rachael O'Halloran, September 2014

Comments

Submit a Comment

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    tirelesstraveler, I am always happy when anyone links to any of my articles. Most people don't ask, so thank you for asking. I'd be honored and I appreciate the compliment.

  • tirelesstraveler profile image

    Judy Specht 3 years ago from California

    This is one of the most useful hubs ever.

    Can I link it to my hub on Digital Legacy? It is a gold mine.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #DealForALiving

    Thank you for sharing and commenting.

  • DealForALiving profile image

    Sam Deal 3 years ago from Earth

    This is actually a really useful and well-written hub. Time to share it with friends~

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #Vellur

    I'm glad you found my article useful. Thank you for reading, voting and commenting.

  • Vellur profile image

    Nithya Venkat 3 years ago from Dubai

    Very helpful, it is so important nowadays with so many people trying to hack accounts. You have given very useful ideas, thank you for sharing and voted up.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #misterhollywood

    I rec'd your fan mail. Thanks. I'm so glad this was helpful to you. Make sure you LIE! Then write down what you lied about. lol

    Thanks for reading, commenting, and for following me.

  • misterhollywood profile image

    John Hollywood 3 years ago from Hollywood, CA

    Very helpful hub. I sent you some fan mail. I've always struggled with choosing. Thanks for this hub. Voted up!

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #DDE,

    I'm glad it has been useful to you. Protect yourself by learning to Lie in your security answers. Don't forget to write them down! Thanks for reading, voting and commenting.

  • DDE profile image

    Devika Primić 3 years ago from Dubrovnik, Croatia

    You have great suggestions here. I learned lots from this hub. Your idea of writing this hub has helped me to know more. Voted up, useful and interesting.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #vkwok,

    Thank you kindly. :) I'm glad you found it useful.

  • vkwok profile image

    Victor W. Kwok 3 years ago from Hawaii

    Great hub, Rachael! You give out good advice!

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #bravewarrior

    I did a lot of dumb things when I first started out on the internet. Even I chose nice easy passwords and answered questions truthfully. I figured if I didn't, then when I forgot passwords, the hint would remind me and I'd gain access. I never gave it a thought that the hints could remind others too. - which they did and that is how my Facebook and email accounts got hacked. It only takes a hack or two to wise one up--- that telling the truth in life is not going to work in your favor every time. Answering security questions truthfully is one of those times.

    Liars can't keep track of their lies. They wouldn't resort to keeping a notebook. But if you lie on the internet and you have a dozens sites you belong to that all require different screen names or types of passwords and security questions, a notebook is essential to keep it all straight.

    I hope this article gets its point across to every reader so they will make better choices in their passwords and security Q & A's to learn how to keep track of them all. Thank you for your compliments, congrats, and your ongoing support. You are a good friend to me and I am grateful. Rache

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #annart

    As I said, lie, lie, lie. You are the only one who has to know the "required" answers in order to gain access to the accounts.

    If you tell the truth, and just a few facts about you are known, then the answers to your questions can be very guessable, even by your own family members (or friends) if they want to get into your accounts for any reason.

    I'm glad you found this article helpful and that my true reasons for writing these articles has hit its mark - to make the internet a safer place for us all.

    Thanks for reading and commenting.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #WillStarr

    Hi! Get busy on those security questions and answers! Thanks for reading and commenting.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #breakfastpop

    I'm glad you found the article helpful and that it came across the way I meant it. I wouldn't say you are an idiot, but thank you for the genius compliment LOL and votes.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #FlourishAnyway,

    Thank you. The Hubbie award was a surprise. I thought there would be one of tons of other hubbers (who have been here much longer than I) that would have won, so it was a surprise.

    On these security questions, you gotta lie because no one NEEDS to know your personal stuff. Remember, they only know what you tell them to be A truth, it doesn't have to be THE truth. You are in control of how much of your personal information you want to share - whether it is the truth or a lie. :)

    If you lose your Dollar Store notebook, the frenzy you will be in, will be the same frenzy you will find yourself when trying to remember passwords and security answers - as if you had never written them down in the first place.

    One's memory fades, pen and paper have been around for years. Sometimes we have to meld some old school with new school. It is very easy to screw it all up without being organized.

    Thanks for reading, your congrats and for commenting.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #PurvisBobbi44

    Thank you. I have a few blogs too - on Blogger, Tumblr, Wordpress, and contribute to several informational websites (wikipedia, IMDb, other wiki's) and there just aren't enough hours to do it all. But HubPages is where I spend most of my time. I keep saying "Someday ... there will be more hours in the day to dedicate to the blogs" but so far it hasn't happened. I need better time management skills, (or less interests!). I don't know how you do it all and still keep the content original. If you ever write a hub about how you do it, I'll be first in line to read it. I find something always gets pushed to a back burner and the longer it sits there, the more it is ignored for longer periods. Oh well, someday....lol Thanks for reading and commenting.

  • annart profile image

    Ann Carr 3 years ago from SW England

    This is so good and so sensible. I hate to admit it but I need to go back and tell lots of lies. Seems really stupid now but I didn't think about it!

    Thanks for all these wonderful tips, Rachael. The world will be a safer place because of you.

    Ann

  • WillStarr profile image

    WillStarr 3 years ago from Phoenix, Arizona

    Great suggestions. Book marked!

  • breakfastpop profile image

    breakfastpop 3 years ago

    You are a genius and I am an idiot! Thank you for this common sense advice! Voted up, useful and awesome.

  • bravewarrior profile image

    Shauna L Bowling 3 years ago from Central Florida

    Rachael, I didn't know about setting FB to 3 attempts. That's interesting. As for the rest of it, your advice is stellar. You also brought up some points that I think a lot of us don't think twice about. With all of the online profiles we're encouraged to keep as writers, your words of wisdom are priceless.

    Congrats on your Hubbie Award. You soooo deserve it!

  • FlourishAnyway profile image

    FlourishAnyway 3 years ago from USA

    Congrats on your Hubbie! I love your encouragement to be the best damn liar you can be. Too funny. Should that dollar store book get lost you're gonna have a hell of a time remembering who you are!

  • PurvisBobbi44 profile image

    PurvisBobbi44 3 years ago from Florida

    Hi RachaelOhalloran,

    Great information which I am doing most of it, however, it is good to be reminded. I will watch my answers on security questions---thanks for that information.

    Welcome to HubPages, I write here and on my 13 blogs so I am spread thinly as butter on toast.

    You will meet great people here and I have already met some of the new talented people.

    Thanks,

    Bobbi Purvis

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #billybuc

    Thank you for the compliment. I hope people start to pay attention to their own security because if they don't start watching out for it, no one else will. Thanks for taking the time to visit me. Congrats on your Hubbie Award :)

  • billybuc profile image

    Bill Holland 3 years ago from Olympia, WA

    Now this is practical information that everyone can benefit from. I hope in the years to come, you see huge view numbers on these articles. Thank you for the tips, Rachael.

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #MsDora

    I'm glad the article was helpful and thank you for congrats.

  • MsDora profile image

    Dora Isaac Weithers 3 years ago from The Caribbean

    Great smart ideas on security answers. Thank you and Congratulations on your Hubbie Award which you certainly deserve. You're a great teacher!

  • RachaelOhalloran profile image
    Author

    Rachael O'Halloran 3 years ago from United States

    #Jodah

    Thank you. I didn't think I'd win the Hubbie Award due to all the competition.

    With all the hacking going on, now is the time to step up your security questions and passwords.

    Now go see how you can fix them. Then go write them down in a notebook! lol

    Thank you for reading and commenting.

  • Jodah profile image

    John Hansen 3 years ago from Queensland Australia

    Great advice in this hub Rachael. I should be more careful than I am, and this hub has convinced me to do that. Congratulations on the "Hubbie Award", well deserved.