November 3, 2010

Why You Should Lie When Answering Security Questions?

[this post from Nerd Dennis Houseknecht]

“Oh what a tangled web we weave, when first we practice to deceive”
–Sir Walter Scott
My Grandma used to say that keeping track of your lies is more work than telling the truth. She was right. When it comes to those security questions that serve as the key to resetting your password, though, lie, lie, and lie some more!
Those questions often refer to information that can be obtained from social networking sites (your mother’s maiden name, your favorite pet, etc.) or simply guessed. This hacker may have compromised as many as 3200 email accounts by guessing the answers to password reset questions. Sometimes lying is good – fictional answers to these questions are hard to guess. The problem, of course, is that they are also hard for you to remember. To keep track of them, store your answers in a secure note system, such as the one found in LastPass.
The irony has always been that these security questions, the mechanism often used to reset passwords, are frequently much less secure than the passwords themselves. Beat the system and LIE.

