Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I use fake answers. Treat them as basically secondary passwords. I do keep them as real words though since sometimes they need to be answered over the phone and you don't want to read a long random string of characters.


Yeah, I used to use randomly generated strings until a customer service rep asked me to recite my security question answer to them... Now I use something like Diceware for real words.


That's excellent, I had no idea that existed, I'll have to start using that. Though it is fun to do a game of security question chicken - how much letters are they going to listen to me say until they go "ok, that's good enough"?


Customer Rep.: "What is your mother's maiden name?"

Scammer: "I just entered a bunch of garbage."

Customer Rep.: "Yup! Thanks for verifying that Mr. Smith!"


"A bunch of garbage" is actually kind of a fun answer in itself. "Who was your childhood best friend?" "A bunch of garbage."


Haha that's pretty funny. "Who was your first college roommate?" "A bunch of garbage."




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: