Skip to content

The insecurity of security questions

Another article link from my dusted-over ~jot directory: The Insecurity of Security Questions: Why I met my wife in CWmKryWzuxCSAnMDuIg. [So dusted-over is my ~/jot directory that Tom Moertel, the article’s author, has changed he link schema of his blog without providing redirects. (The slashes in the date turned to dashed.) Cool URLs don’t change, Tom, not according to the W3C and Jacob Nielsen. 😉 ]

Anyway, I am one of those people who randomly generates his (often overly long) passwords, which I store in a strongly encrypted file, but the article provided a great reminder that I should do the same for my answers to ‘security’ questions.


    2 Comments ( Add comment / trackback )

    1. (permalink)
      Comment by halfgaar
      On March 16, 2015 at 23:25

      I actually already do that. Not the same as my real password, of course. I use ‘pwgen -s 32 1

    2. (permalink)
      Comment by Rowan Rodrik
      On March 27, 2015 at 14:36

      I didn’t know of the existence of pwgen; sounds useful.