On 29/05/15 10:35 -0400, Peter Beckman wrote:
I use completely random strings for security questions. The company doesn't care what my answer is, so instead of knowing that my favorite sports team is [REDACTED] they can see that it is "WheF7?ydk/cBG8MgZf7w"
Go WheF7?ydk/cBG8MgZf7w!
I store all of the security questions in my password manager (1Password), and though annoying if prompted for them often, my account is more secure as a result. It's also a lot of fun when you call in and they ask you the answer to your security question.
Just because someone asks you a question it does not require you to give an answer they expect. (Or any answer)
Beckman
Good in principle, however I'll bet you 20$ that with this state, if I get on the phone with support, and they ask for the answer to the security question, simply replying "Is it a bunch of gharbled chracters, about 20 of em?" Will be more than enough to get me in. Use 3-4 dictionary words.