I grew up in the moral panic that ensued after the Adam Walsh kidnapping and murder. Someone told my mother to establish a code question so we’d know if a stranger was legit or not, so she did just that. The question was so unusual that, if given an add-your-own question option, that’s what I use. I know it, my brother knows it (but doesn’t care about my accounts because he’s not a dirtbag), and my parents know it, but that’s it. (I don’t think Airman even knows about it.)
There are some advantages to having bought your first car whilst living in another country.
No-one but me that I’m in more than the most vague contact with knows what it was… Apart from that- yep, half my relatives and several of my old school friends would know all the normal questions; even the mentally unstable people. Not a great system.
My Mom heard about this a few years ago and said, “That’s a good idea. We should have done that.” The look on her face was priceless when I told her that we did. I would have refused to go with a legiitimate person because they didn’t know the ‘secret code’
That’s ok, facebook rejected both of my grandmothers’ first lastnames. Mind you, I begin by not understanding wth is it any business of theirs whether I’ve changed ISPs, which is what triggered the protocol in the first place.
Blizzard rejects my name. The whole thing is one letter too long for their memory; if I enter it fully, it tells me that’s not the right name. What I don’t understand is how come their input field is longer than their storage field.
They keep track of what IP address (or addresses) you usually log in from. Your IP address would have changed when you switched ISP. To them it looks like a login attempt from an unusual location so they ask the additional questions.
Only I don’t log in “habitually” from anywhere - moving from Spain to Scotland, from Scotland to Spain, from Spain to Scotland, from Scotland to Spain, did not trigger their systems; from my home ISP to my mother’s ISP to my brother’s ISP to my portable ISP did not trigger their systems.
Change portable ISPs and they freak out. Makey no sensei.
I used to think it would make sense to have a trio of answers, like Chocolate, Vanilla, and Strawberry. Unfortunately, I’ve encountered sites where the security questions come up randomly, so you have to remember what flavor goes with which question…
As mentioned above you don’t want to give real answers. You should develop an easy to remember scheme to derive the answer from the question. Given the question “What was the name of your first school?” some possible answers are:
“school first your of name the was what” - reverse the question
“hahafoic” - 2nd letter of each word
“chocolate school” - a memorable word plus the subject of the question
“your first school’s name the question is” - Yoda speak.
I like when they let you pick your own question and response. My credit card company does that, so now when I call them, they have to ask me, “What are you wearing?” And I have to respond, “I don’t think that’s appropriate!!”
(stolen from some comedian, Eugene Mirman I think)
I hate one website that I use for work. The security question is “Please enter your birthday” and the answer box is a blank fucking text box. No indication if it wants mm/dd/yy or mm/dd/yyyy or dd/mm/yy or Month Day, Year. Gah! Stupid!
First of all, I have no kids or spouse. There go half the questions I can choose from.
Then, both my parents have three-letter middle names. Three letters is often too short. Chuck those questions out too.
Then, if I’m lucky, I get a couple of questions I’ll never remember what I answered – “What is your favorite food?” I don’t know, I have lots of foods I like. How should I remember what I put in eight years ago?
Another vote for hating vague security questions. One site I swear added them suddenly without giving me a chance to answer them. I had to phone for a work around.
I feel better knowing I’m not the only one doing that. For me it’s Fuc4companyname. They susally want a capital and a number.
I know it’s mostly theater to cover their asses. I know that anyone who has access to my computer and my account in the first place can get past the questions. How do I know? I had trouble getting into one account. It wouldn’t believe the first street I lived on.
My son said, let me try. He got it. Said I must have been misspelling it. I hadn’t told him the question or the answer. He had clicked on the field and paused and my computer had provided an auto-fill list. He said sometimes you need to provide the correct first letter to get that, but since it’s not something you’re sending out, you can go through the whole alphabet.
Nice. And possibly a clue as to why the option isn’t offered some places.
