Make Your ‘Forgot Password Questions’ Unguessable

by on Apr 10, 2010 | 2 comments

You may have seen a recent news blurp that President Obama’s Twitter account was recently hacked. This was accomplished by the “hacker” guessing the forgot password questions.

If you think about it, these questions are usually “what is your favorite food?”, “what street did you grow up on?”, “what was your high school mascot?” or other questions which are easily guessed or found out through some online research. It this is all that is protecting you, this is an obvious flaw.

But you may say, ‘the forgot password sends me an email, so it doesn’t do the attacker any good’. Yes, some sites do this, but many will say “we sent your password to your@email.com”. What are the security questions protecting your email?

For protection, make your question answers irrelevant which essentially makes them unguessable. For example, for the “what is you favorite food?” question, answer with something like the site name backwards (i.e. hcemcp). Something like this is easy for you to remember but virtually impossible to guess.

Free eBook!

Like what you read?

If so, please join over 28,000 people who receive our exclusive weekly newsletter and computer tips, and get FREE COPIES of 5 eBooks we created, as our gift to you for subscribing. Just enter your name and email below:

Post A Comment Using Facebook

Discuss This Article (Without Facebook)

2 comments

  1. Josh / April 10, 2010

    Absolutely, my security questions are always completely ridiculous.

    Reply
  2. Readbud / June 12, 2010

    Haha, that’s remind me of using some really stupid one liner pick up line as my security answers.

    Reply

Leave a Reply

PCMech Insider Cover Images - Subscribe To Get Your Copies!
Learn More
Every week, hundreds of tech enthusiasts, computer owners
and geeks read The Insider, the digital magazine of PCMech.

What’s Your Preference?

Daily Alerts

Each day we send out a quick email to thousands of PCMECH readers to notify them of new posts. This email is just a short, plain email with titles and links to our latest posts. You can unsubscribe from this service at any time.

You can subscribe to it by leaving your email address in the following field and confirming your subscription when you get an email asking you to do so.

Enter your email address for
Daily Updates:

Weekly Newsletter

Running for over 6 years, the PCMECH weekly newsletter helps you keep tabs on the world of tech. Each issue includes news bits, an article, an exclusive rant as well as a download of the week. This newsletter is subscribed to by over 28,000 readers (many who also subscribe to the other option) - come join the community!

To subscribe to this weekly newsletter simply add your email address to the following field and then follow the confirmation prompts. You will be able to unsubscribe at any time.

Enter your email address for
Free Weekly Newsletter: