cl-nz logo
Story image

Honesty is not The Best Policy for Password Resets

05 May 2009

Common password reset questions include the following:

What is your mother’s maiden name? Where were you born? What high school did you graduate from?

All of these and many others have answers that are probably public information. In other words, it isn’t hard to know the answer to your “secret question”. Let dishonesty be your secret weapon!!!

There is no reason you can’t make up the answers, the only trick is to remember your lies. OK, let me put this in a more socially acceptable manner. Make up a new life. Make up a story and remember it.

So, now your mother’s maiden name becomes “Smurf” or something equally silly. You graduated from “Basketcase HS”. I was born in “A Different Galaxy”.

Make up a story, it will help you to remember it. Pick a character in a book if you wish. As long as the information isn’t easily guessable then it will be very hard for an attacker to change your password by answering a ridiculously easy question.

If you choose your own questions then make sure the answer isn’t easy to guess or find on the web.

Randy Abrams Director of Technical Education

ESET Global

To find out more about ESET, visit the ESET website.