Another Security Wake-Up Call – Avoid “Insecurity” Questions!

Internet security is making big news again this week - with dozens of celebrities having their online accounts hacked, and a multitude of very private photos being leaked online as a result by scummy picture traders.

So far it seems as if this is not the result of a wholesale core failure in any particular online service - but rather a targeted attack with the hackers brute-force guessing passwords, and / or manually guessing the "security questions" attached to the hacked accounts.

I prefer to call these "insecurity questions" -- the stupid bits of personal trivia that sites make you give them that you need to answer to reset your password.

Think about it...

Just how secure is a long password like "Th1s^IS-!MY-$3CuR3-P455" if all it takes for a hacker to reset it is knowing that your high school's mascot was a "Tiger" and that your grandfather's name was "John", or that you went to "Riverdale" elementary school and your favorite artist is "Elvis"?

Particularly if you are a much-written-about celebrity - that data is probably just a one-minute google search away. But even if you are an average semi-anonymous internet user, that sort of information is not hard to dig up with a little bit of prying into social media and maybe some trial and error.

Got Coverage?

How many high school mascots were there in your home town, after all?

In the long run, these sorts of "security questions" actually lead to more insecurity.

Smartly Answering "Insecurity Questions"

The secret to dealing with these traps is to never answer them honestly.

One way to do this is to create a fictional life for yourself.

So instead of having a grandfather named "John" you might have been raised by "Grandpa Moonshine" and your high school's mascot was the "Flaming Liverwursts" who rocked out to "Dread Zepplin and His Orc Estra", who regularly performed for the students of "ZitPop" elementary.

Get creative. Have fun with it. Make it memorable.

But be sure to write down the details somewhere safe just in case you forget whether it was "ZitPop" or "Acne Acres".

Ideally store your fictional narrative in you encrypted and backed-up password management program, but even on a photocopied sheet of paper is fine.

The Internet is a scary place, and hacking tools are getting more and more sophisticated.

Stay safe out there!


Members, Please Log In to Comment on this Article.