You are here

Crack the "Security Question" Code: 5 Tips for Creating the Most Secure Online Passwords

Your first pet's name was "Joseph Stalin," and other smart answers to online security questions.

When it comes to Internet security questions like "What was the name of your first pet?" it's easier to stick with the truth than to type in something random—like the name of your favorite Bolshevik dictator—then, months down the road, try to remember what you did. So, usually, "Spot" it is. Unfortunately, as Stalin himself might say, "You make very big mistake."

A new Google/Stanford analysis of hundreds of thousands of security questions found that most users' answers are anything but secure: Many ("What's your favorite color?") are too simple or have too few possible choices. Others ("Where were you born?") may be known to acquaintances, or can be easily learned by rifling through email you've left open, or doing simple research. And some may be used on other sites, making them vulnerable if there's a data breach.

"Big deal," you're thinking. "It's not like it's my password." Wrong again, says Patrick Nielsen of Internet security firm Kaspersky Lab. "Security questions can be used to access your accounts without your password—so, inessence, answers to security questions are passwords. That's why you need to pick them with care."

Below, the Lab's top Q&A tips.

3 Ways to Protect Your Stuff From Internet Thieves >>>

DO: Use a password manager—software that keeps track of your secrets and can be accessed only with a single password you choose. (Nielsen recommends

The Simplest Way to Protect Your Investments >>>

DON’T: Use single-word passwords. Instead, switch to nonsensical “passphrases,” like “Consider the purple seahorse clicking the roof.” (But make up your own!)

5 Things You Shouldn’t Keep In Your Wallet >>>

DO: Make up fake answers for security questions, and store them in the password manager.

Exercise and Computer Use May Protect Memory >>>

DON’T: Use the same answers on multiple websites. Ever.

5 Things We Wish the Apple Watch Could Do >>>

DO: Wherever possible, use sites with two-factor authentication, which asks you to verify your info a second way—e.g., by text or e-mail.

Will the Apple Watch Save Your Life? >>>



Want more Men's Fitness?

Sign Up for our newsletters now.

You might also like