Why can't security questions be custom?

Just a little pet peeve o’ mine…

When I first started using the Internet (basically as soon as I had functional motor skills and enough of a grasp on the concept of language to figure out what I was doing; I was an '86 baby and my parents had worked with computers for as long as they (comps) had been around), accounts that required the use of passwords came with a simple HTML form:

Username ________
Password ________
Retype password ________

Maybe they’d ask for you for your email address too, just to make sure. Maybe.

Then some websites started getting smart about dumb people who lose their email addresses, and it became more like this:

Now, every single thing you sign up for looks more like this:

WHY, when I already feel like Moses in the 40th year wandering the desert, do I have to pick a really bad and insecure security question? Holy crap. Everybody I know knows my name, everybody knows what my first car is/was (since I currently drive it and it stands out–it’s red and has out-of-state plates), my entire family and a lot of people I know know my mother’s name, and I’m currently looking for my first job, thankyouverymuch, unless I put in “US Armed Forces” which anyone could easily guess (throw that in, then try McDonald’s, then try Burger King, and if you haven’t gotten someones’s password yet you’re just having an unlucky day). Anybody who follows major American sports–or has an Internet connection they can use to look up team lists on espn.com–and knows where I live can get my favorite sports team in two guesses.

WhyTF can’t I pick my own security question? Why can’t I make something up? I want to HAVE a security question, because I do forget passwords sometimes, so I don’t want to just slam random keys and make a gibberish answer no one will guess like I used to. But I can’t use any of your dumb questions and then remember the answer when I’ve forgotten my password.


Yes, I know, some websites do let you use a custom question. But it seems to be 50-50 at best, and really all websites should let you do it anyway.

You could always enter some other answer rather than the one they’re looking for.

What is your name? - What’s yours?
What was the first job you held? - Bagpipe Salesman

Something witty or silly that you’d remember without being obvious to anyone but yourself.

Personally, I’m allways appreciative when they let me enter my own security question and answer. I can come up with some random things that are much harder to guess.

The thing is, I can’t remember it if it’s not true. Then it’s just like remembering my password. If I could remember my password, I wouldn’t have the problem in the first place.

The security questions are many times something sombody could find out from guessing, looking up your mothers name, or having access to a different site with the same questions. I never put anything correct in the blanks.

Hah. you forgot one of the loops we are increasingly made to jump through:

The ironic part is that the same websites that employ graphics that slay the colorblind along with spambots, are happy to spam you endlessly regarding whatever eighteen of the 374 topics you had to pick.

That’s a sore point with me too. I can’t read the things about 25% of the time.

It’s not on topic, but is about something anoying withe software. There are boxes out there that have the requirements printed in type that fits 8 rows in half an inch. Someone obviously shrunk down an already shrunk down software box design.