Why donât answer truth
I really hope you donât REALLY answer those and treat them as just another password, arenât you? If youâre still naive enough to actually put your first petâs name as an answer, please stop doing this especially if service doesnât support multi-factor (at least 2FA) authentication. Whatâs wrong with the secret questions you ask? They are more-or-less common knowledge about you, and as such are not very secret. Your favourite colour, meal, or historical figure are not really all that âsecretâ. So as your first (and maybe only?) petâs name. So as the name of the street you grew up in. You can easily spill any of these to even a complete stranger. You can fall victim of social engineering which is an umbrella term for a few techniques attackers may use to collect information about you.
What else is wrong about the secret questions? Your answer may change over time. Yes, your moetherâs maiden name wonât change so as the nickname of your first pet, but sometimes secret questions are something like âyour favorite colourâ. And if you liked purple 10 years ago, maybe now you like lime green more.
What should you answer instead
Treat them as another password. Your first petâs name? Oh dear weiLabahD7on, he loved chasing the ball. Motherâs maiden name? Sheâs ohKei6Ungee#chohko, which is fairly common last name in her country of origin (ohR9raineengeT). Favorite subject at school? Despite having poor marks, I always loved peec5Weef@aeSo because my teacher, Mr Ahnee8chetah, made it very entertaining.
Or you can come up with some scheme. I.e. if a website asks for your
- favourite meal
- motherâs maiden name
- country of your first overseas trip
your answers could be
- awesome meal
- awesome name
- awesome trip
You could even answer THE SAME THING to all the secret questions:
- I love roasted crocodiles
- I love roasted crocodiles
- I love roasted crocodiles
Itâs less secure, but definitelly more secure than answering truth.