Complex Knowledge-based Password Reset Strings

With all of the recent data breaches, I urge everyone I know to use a password manager application like KeePass (http://keepass.info/) or LastPass (yes, I know they got hacked too) to store long, complex passwords. A benefit of using these apps is that you can make your responses to those knowledge-based password reset questions (e.g., What city did you get your first kiss in? What is the name of your first pet?) random text.


Here is the cool thing: most of those websites don’t care what you put into that field. They just need it to be something only you know. So, when I get those questions, I enter random text and save it in the password manager, which I can use on my mobile devices and computers.


This way, if someone hacks into a company/government site (e.g., OPM, Anthem…) and steals documents that have the truthful answers to those questions, or steals your responses to those specific questions, the stolen answers won’t work on other sites to reset your passwords, because you have random responses for each site.
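One way to generate those per-site answers, as an added example that is not part of the original post: each (site, question) pair gets its own random answer built from whole words, so it can also be read aloud to a support rep. The word list, site names and function names are constructed for illustration.

```python
import math
import secrets

# Constructed sample word list. With only 16 words, 5 words give 20 bits;
# a 7776-word diceware list gives about 64.6 bits for the same length.
WORDS = ["amber", "bison", "cedar", "delta", "ember", "fjord", "gravel", "harbor",
         "indigo", "juniper", "kettle", "lagoon", "marble", "nectar", "onyx", "pepper"]


def random_answer(n_words=5, words=WORDS):
    """Pick n_words with the OS CSPRNG (secrets), not the predictable random module."""
    return " ".join(secrets.choice(words) for _ in range(n_words))


def entropy_bits(n_words, words=WORDS):
    """Bits of entropy for n_words drawn uniformly from the list."""
    return n_words * math.log2(len(set(words)))


def build_entries(accounts, n_words=5):
    """Return one record per (site, question) pair, never reusing an answer,
    so a leak at one site reveals nothing usable at another."""
    used, entries = set(), []
    for site, question in accounts:
        answer = random_answer(n_words)
        while answer in used:  # vanishingly rare with a real list, but enforce it
            answer = random_answer(n_words)
        used.add(answer)
        entries.append({"site": site, "question": question, "answer": answer})
    return entries


if __name__ == "__main__":
    # Constructed sample accounts; store each record in the password manager entry.
    accounts = [
        ("bank.example", "What is the name of your first pet?"),
        ("mail.example", "What is the name of your first pet?"),
        ("shop.example", "What city did you get your first kiss in?"),
    ]
    for e in build_entries(accounts):
        print(f"{e['site']:14} {e['question']:45} -> {e['answer']}")
    print(f"entropy per answer: {entropy_bits(5):.1f} bits")
```
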

One thought on “Complex Knowledge-based Password Reset Strings”

  1. Agreed! This is a great idea for security. Although it has backfired on me from time to time. When I've gotten locked out of my account and had to call a company, the rep has asked me one of the security questions.

    Rep: “Where did you go to middle school?”
    Me: “Uhhhh, hang on… x-7-5-percent-8-ampersand-2-2”

    I've learned by making completely nonsensical answers to the security questions. This helps quite a bit.

    Rep: “What was the first car you ever owned?”
    Me: “Anaheim, Oklahoma”
