TimelyStuff.com - Red White and Blue Clock

Secret Questions

How to create answers to your "Secret Questions" that are really Secret
(and why you should).

Here's an easy way to help identity thieves steal your identity – Fill out a "Secret Question" a.k.a. "Security Question" form on every secure website you use regularly, "to help you log on if you forget your password", and be sure to answer any "Secret Question" truthfully.

Here's why that helps identity thieves:
  1. Almost every site uses similar "Secret Questions".
  2. The answers to these questions are readily available to anyone willing to look online.
  3. Identity thieves are probably (ya think?) willing to look up your answers.
  4. Using this information, they can retrieve or reset your password more easily.
  5. Once they have access to just one website with all of your personal information, stealing your identity is easy.


My research indicates that banks began using security questions as a means of identity verification around 1984 - could Orwell have been on to something here, too?

Security questions are supposed to be a way to prove - usually to a computer - that you are who you say you are.

Websites that ask you to answer secret or security questions usually claim that this is being done for YOUR benefit.

No, it's not for you. "Secret Questions" prevent them from needing additional staff to help you if you forget your password.
Of course, this means no additional staff is needed to provide identity theives access to your account.

Let's look at what defines a "good" secret question:
  1. The question should apply to any user.
  2. The question must have only one correct answer.
  3. The answer must not change over time.
  4. The answer must be easy for the user to remember.
  5. Only the user should know the answer.

Now consider a few of the "Secret Questions" posed by websites:
  • What is your mother's maiden name?
  • What city were you born in?
  • What was your high school mascot?
  • What was the name of the first street you lived on?
  • What is the name of your pet?

Perhaps in the mid 80's it was more difficult for a stranger to discover the correct answers to these questions.

Today, almost anyone with internet access and basic computer skills can answer these questions about almost anyone with little effort.

The answers to "Secret Questions" are not very secret and not at all secure for most people.

So, what should you do?
Create your own fictitious answers to these questions - but be sure to record your answers where you can locate them if needed.

Remember that you are communicating with a computer, not a person, and the computer has no idea what the "real" answers to any of the "Secret Questions" are.

So invent an answer of your choice - it is also a good idea to try to invent answers that you can actually remember. See number 4, above, in the list defining a "good" secret question. But even if it's easy to remember, WRITE IT DOWN or Record It, PLEASE!

For example, the answer to the Secret Question, "What is your mother's maiden name?" could be something like Hocus#Pocus*92143, which should be easy to remember for someone who likes magicians and was born September 21, 1943...

Chances are pretty good that Google won't be able to provide that answer for any would-be identity thief, making your personal information much more secure.

Be careful out there!