A few of my favorite things... · 11:21pm Jun 12th, 2014
I realize this is a bit out of nowhere, but a while back, I was signing up for something, and I was offered a slew of security questions in case I forgot my password. One option was something along the lines of "What is your favorite movie?" I thought to myself, "That's way too general--there are so many movies I like, that I can't pick just one."
Now, I understand perfectly well that you'd want a question like that to be general, to make it more difficult for a stranger to guess, but it started me thinking about more specific questions about my personal taste that I could answer with more certainty. What follows are the questions I came up with, followed by my (genuine) answers.
What is your favorite...
... Harry Potter novel?
Harry Potter and the Half-Blood Prince.
... Final Fantasy game?
Final Fantasy XII.
... Radiohead song?
"Electioneering."
... episode of Cowboy Bebop?
"Toys In The Attic."
... Lord of the Rings movie?
Trick question: It's only one movie, split into three parts.
... ice cream topping?
Hot fudge.
... player on the 2008 Philadelphia Phillies?
Jamie Moyer.
... question from this list?
I'm gonna have to go with the Lord of the Rings one. The joke was kind of predictable, but it made me smile while writing it.
That's why I hate secret questions -- since they're so general, the chances of me remembering the same answer I gave originally (even accounting for trying over and over again) is about 1 in 3. I lost my RIFT account permanently because they reset all the passwords and made you use your secret question to enter a new one.
My answer to the last one would be the last one.
Final Fantasy VI, all the way.
Favorite LotR movie? The Hobbit.
I absolutely hate, hate, HATE those stupid "security" questions. Significant Other refers to them as "Wish It Was Two Factor" authentication.
Instead of using proper two factor authentication with something you know (password) and something you have (OTP list or token generator) those numpties use a password (usually with character limitations and maximum passowrd lengths-WTF?!) and another password, albeit one more easily guessed thanks to social media posts.
Drives me absolutely mad.
Coincidentally we (Significant Other and I) use KeePass for all our password management needs. There is a simple plugin you can download for KeePass (Readable Passphrase) that you can use to create random answers for those bloody security questions in lieu of the real answers.
Now my favourite teacher's pet's name is "a swift one disbanded the diorama", my mother's friend's maiden name is "a shipyard sneers far from the fog", and my second favourite ice cream flavour is "Sandburg messed up your submersible".
Just make sure you pick a secure pass phrase for your KeePass database, and keep regular backups, and you do not have to worry about keeping track of all you logins and security questions.
</soapbox>
I agree with SIGAWESOME completely. I also use KeePass for my password needs and for years I have used another random password for the questions. What the heck is the point of having easy to guess passwords (if you use social media) that can bypass your supposedly hard to guess password.
Really, XII is your favorite? That's not one that gets a lot of love. It's the first one I didn't finish, if we're being honest. Didn't hold my attention or nurture my affection.
I do love me some Beebop though.
>>
The worst thing about questions like that isn't even that it's hard to pick one... it's that the answers change over the course of your life. What if I sign up for something now, and then Guardians of the Galaxy becomes my new favorite movie? I'd end up having to type in every summer blockbuster I've liked in the last five years just to figure out my own security question, at which point I'm no better off than someone trying to access my account.
2202299
+1 for KeePass and utterly random "security" question answers. I don't even use human-readable ones, or different ones for each question. ANY security question on any site I use is just something like "XzLH3nxTvTJG0QSHsHlUN" and I wouldn't have it any other way.
Nice, except now you've given that information away on a public web page. Shouldn't be too hard to change, but yeah.
2202491
That is certainly good advise. $DEITY help you though if you have to call the institution regarding your account and have to provide the answers to 1 (or more!) of your questions. I like to use a secure, random passphrase for the question answers because it is easier to give to the tech support chappie in the call centre when I need to unlock my account.
I find (after bitter experience) something like "twelve purple limes threatened the monarchy" is more easily understood than "uppercase XRAY lowercase ZULU uppercase LIMA uppercase HOTEL THREE lowercase NOVEMBER ... uppercase INDIA uppercase UNIFORM uppercase NOVEMBER" when speaking on the phone.
2202735
Heh.
I made those questions (and answers) up randomly on the spot. The sad thing is, as stupid and satirical as they are, those questions are almost plausible.
Not only is Toys in the Attic the best episode, it also has a moral worthy of MLP: Don't forget about food in the fridge (or it will evolve into a slime that tries to kill you).
2213322 -
2214704
Thank you sir, that was great.