PG Logo
  • Business Insider
  • Gizmodo
  • Kotaku
  • OpenAir Cinemas
  • Pedestrian.TV
Logo Level Up Your Life
Subscribe
  • Life
    • Money
    • Home
    • Entertainment
    • Travel
    • Health
    • Design
    • View All Life
  • Work
    • Productivity
    • Communicate
    • Organise
    • Career
    • Business Travel
    • Security
    • Small Business & Startups
    • View All Work
  • Deals
  • Coupons
  • Makes Cents
  • Life
    • Money
    • Home
    • Entertainment
    • Travel
    • Health
    • Design
    • View All Life
  • Work
    • Productivity
    • Communicate
    • Organise
    • Career
    • Business Travel
    • Security
    • Small Business & Startups
    • View All Work
  • Deals
  • Coupons
  • Makes Cents

Want Lifehacker's email newsletter?

Follow us, subscribe and get in touch

  • Contact Lifehacker Australia
  • Facebook
  • Twitter
  • Instagram
  • Youtube
  • Linkedin
  • RSS

Recent Posts

How Fireworks Became a Fourth of July Tradition
How Fireworks Became a Fourth of July Tradition
How to Conquer Your Fear of Flying, According to a Pilot
How to Conquer Your Fear of Flying, According to a Pilot
From Suitcases To Carry Ons, Here’s 12 Luggage Options Best Suited to Your Trip
From Suitcases To Carry Ons, Here’s 12 Luggage Options Best Suited...
Put the Sparkle Back in Your Smile With These 8 Highly-Rated Teeth Whitening Kits
Put the Sparkle Back in Your Smile With These 8 Highly-Rated...
Hocus Pocus 2: Get Ready to Be Put Under a Spell Put All Over Again
Hocus Pocus 2: Get Ready to Be Put Under a Spell...

Deals

Save Up to $380 on These 6 Robot Vacuums and Put Your Housework on Autopilot
Image: eternalcreative

Save Up to $380 on These 6 Robot Vacuums and Put Your Housework on Autopilot

A Running List of the Best EOFY Sales in Australia
Image: Mirel Kipioro
A Running List of the Best EOFY Sales in Australia
13 Big Brand Bargains From Ebay’s Massive EOFY Sale
Image: eBay
13 Big Brand Bargains From Ebay’s Massive EOFY Sale
From Anal Beads to Vibrators: These Are the Best EOFY Sex Toy Sales
Image: JuliaMikhaylova
From Anal Beads to Vibrators: These Are the Best EOFY Sex...
Clean Up This EOFY With up to $400 off Dyson’s Cordless Vacuums
Image: Amazon / Dyson
Clean Up This EOFY With up to $400 off Dyson’s Cordless...

Sponsored Articles

Use Your Password Manager For Security Answers, Too

Share

David Murphy

Published 3 years ago: September 14, 2019 at 1:00 pm -
Filed to:1password
accountlastpasspasswordqarecoverrestoresafety
Use Your Password Manager For Security Answers, Too

It’s been a while since I’ve had to type in some stupid answer to a made-up question when creating an account on a new service. You know what I’m talking about: Forget your password, and you can regain access to your account by typing in the name of your first pet (Mr Mrglglrm), your favourite sports team (Saskatoon Sirens), or the street you grew up on (Third Street).

If you haven’t heard, these kinds of Q&As are horrible for security, because it’s a lot easier for someone to figure out these answers than brute-force a complicated password or passphrase.

The obvious solution to this simple problem is to create dummy answers whenever you’re forced to answer questions such as these, but there’s a catch-22: Make up an outright lie, or some crazy combination of letters and numbers, and you might forget your fake answer when you need it most.

At best, you’ll have to get in touch with the company and beg to regain access to your account; at worst, you’ll have no way to verify that the account belongs to you, and you’ll be out of luck.

Here are a few ways you can tackle this problem, ranked in order of effectiveness:

Lie, But Only A Little Bit

When a service asks you to type in the name of your first musical as an account security question, you don’t have to tell the truth. If you first saw The Phantom of the Opera as a child, you could always say it was Hamilton. Or Heathers. Or don’t even pick a musical at all. Go with The Nightmare Before Christmas (which really should be a musical, but I digress).

As long as you can remember your little white lie, it’ll be harder for someone to break into your account by finding something you posted online that would give away the actual answer to the question at hand.

'Starwars' And The 24 Other Worst Passwords Of 2017

'Starwars' And The 24 Other Worst Passwords Of 2017

You know those corny movie scenes, where someone hacks their boss or girlfriend or enemy's password by looking around the room and making two guesses? In real life, that would work way more often than it should. Check out this list of the 25 most-used, and thus most hackable, passwords of 2017.

Read more

Treat Your Q&A Like A Password Prompt

If you want to get a little crazier, you can always obfuscate your answer in a more creative way. Take Kate Kochetkova’s approach, from the Kaspersky blog:

If you want, you can change the answer to even the worst security question ever such that nobody could guess it ” what is your mother’s maiden name? XCU*(&S1042! ” but of course, you need to be careful not to confuse yourself as well.

As a better option, you might take the maiden name Woodhouse and strip it down to the consonants: wdhs. Evenly intersperse the birth date 04.08.80 to get 04wd08hs80. Not a brilliant trick, but much better than the original.

You’re now even more secure than before, as you’re using some obscure combination of numbers and letters instead of a dictionary-guessable name.

That won’t prevent a strong brute-force attack, but it’ll at least beat anyone who is just typing in random permutations of cities, pet names, or whatever else the answer could have been.

The downside? Something like “J2uS*SD12(#..sfa!” is going to be tricky to remember. And the last thing you should do is write it down somewhere ” be it a sticky note on your monitor or a text file on your desktop ” unless you’ve placed your list of answers in a secure location. On to solution number three!

How To Create Secure Passwords That Aren't Impossible To Type

How To Create Secure Passwords That Aren't Impossible To Type

How do you create a strong password? Easy. You mash your keyboard for a few seconds until you have a 50-character hunk of gibberish, then you copy and paste that into a password manager so you don't have to actually remember what it is.

Read more

Use A Password Manager To Store Your Q&As

Yes, your password manager isn’t just for passwords. Assuming your LastPass or 1Password account is secured with a strong password itself, two-factor authentication, and any other tricks LastPass or 1Password offers, you can store answers to account questions in there, too. (Yes, there are many other options beyond LastPass and 1Password; those are just our favourites.)

If you’re a LastPass user, you can drop your answers into the service’s “Secure Notes” section (and require a password prompt to access it, if you want), or directly into the notes of any saved site:

ImageScreenshot: David Murphy

If you’re on 1Password, the process is similarly easy. Drop your answers into a secure note, or just create a custom field for any site entry, and leave your account recovery Q&As there. That’ll look something like this:

Image1Password” loading=”lazy” > Screenshot: 1Password

The best thing about using password managers to store account security Q&As is that you can even have these apps create your answer for you. (An “answer” is just another password, after all.) If you do, you might need to chill out on the craziness ” no symbols, for example ” if the site or service you’re using doesn’t let you say that your first car was a “[email protected] @$$US0RD”.

More From Lifehacker Australia

  • How to Tell If Someone Accessed Your Google Account
  • You Need an ‘If I Go Missing’ File
  • Why 1Password Is Now the Best Password Manager for Mac
  • How to Use Your Android Phone’s Built-In Password Manager
Share this Story
Get our Newsletter Subscribe
There are no more articles to be viewed

© 2007 - 2022 Pedestrian Group

  • About
  • Advertise
  • Contact
  • Privacy Policy
  • Terms of Use

Log in to Lifehacker to:

  • Comment on stories

By logging in, you can access these features throughout our network.

Haven't registered? Sign up here
Lost your password? Click here to reset

Back to Login? Click here

Email newsletters will contain a brief summary of our top stories, plus details of competitions and reader events.

Back to Login? Click here

Subscribe to our newsletter!

Now you can get the top stories from Lifehacker delivered to your inbox. Enter your email below.

By subscribing you agree to our Terms of Use and Privacy Policy.