How to Not Get Broken: A Guide to Passwords
Have you ever forgotten a password and been confronted with the question: Mother’s maiden name? Or maybe: High school mascot? These personalized security questions were recently proven to be more harmful than helpful in a study done by researchers at Google. The research suggests that the answers to these questions can be guessed in as few 10 tries by most knowledgeable hackers. Even when attempting to use an answer that nobody would ever think of, Google’s new data shows that this can make it even easier for a hacker to figure it out.
Google has suggested that the better method of password security would be for websites to send SMS reset codes or use alternate email addresses that hackers don’t have any access to. While this method is being recommended, it certainly hasn’t yet been implemented by ever social media site out there, and even less so with smaller websites.
So if you’re forced to craft a backup security question by a website that hasn’t yet implemented a better strategy, make sure that it is unique to you, unchanging, easy to remember, and not common knowledge. Don’t choose a birthday or pet name that is fairly common knowledge or can be found through a little digging. And don’t choose something so far out there that you can’t even remember it yourself!