Clear67° WeatherClear67° Weather

Fake answers boost password security

The other day, for some inexplicable reason, a website that uses responses to personal questions as password protection stopped accepting one of my answers. "It just doesn't seem to like this word anymore," the tech assist told me.

But how many different answers can you have for: "What was the first car you owned?" But she made a brilliant point. Since the website doesn't know if my answer is correct, I could put in anything. In fact, she pointed out, a good security tip is to answer incorrectly.

Her reasoning: With so much information online, people can easily find your mother's maiden name, your pet's name, your high school mascot and so forth — all of which are common security questions.

But wait — wouldn't it be hard to recall the correct passwords if they had nothing to do with the prompts?

Not necessarily, she said. She gave an example of one gentleman who answered every question with his favorite flavor. So if a site asked him for his mother's maiden name, he would enter something like "Butterscotch." Favorite pet? Butterscotch. Elementary school he attended? Butterscotch.

It makes passwords easy to remember and hard to break. Of course, there is one glaring defect. If someone does get your password, that person has access to every website you use.

Fake answers boost password security 02/17/13 [Last modified: Friday, February 15, 2013 6:41pm]

© 2014 Tampa Bay Times

    

Join the discussion: Click to view comments, add yours

Loading...