• Licensed_to_ill@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    Bones. I’m sorry but you weren’t my first dog. My first dog will forever be the answer when it comes to security questions. It’s convenient. But you’re really my favorite. I love you bones.

    • i_love_FFT@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      Plot twist: Bones’ official full name is actually “James Bones”, but he doesn’t know.

    • Lightfire228@pawb.social
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      4 months ago

      Don’t use real answers. “Security” questions have the same ‘authority’ as passwords (they can be used to change your password), but are often not treated with the same level of care as actual passwords.

      Meaning, SQ are often easier for a hacker to figure out and exploit. In that event, SQs are actually worse than passwords, because they’re “unchangeable” (well, the real answer is). So if an SQ answer gets compromised, you’re SOL

      The best option is to use a password manager, and randomly generate passwords and SQ answers (i use 1Password, but there are other good options)


      Edit: oh and, if you use real answers, then those are more likely to be publicly searchable on Facebook or socially engineered (like a “which dog are you” quiz)

  • niktemadur@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    Gonna get a bit pedantic and point out that the question actually asks the name of FIRST pet, not FAVORITE.

  • Matriks404@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    How is even having these security questions even considered safe? What is more likely, person to know your password or a name of your favorite dog that you might get from that person’s Facebook account?

        • TehBamski@lemmy.worldOP
          link
          fedilink
          arrow-up
          0
          ·
          4 months ago

          Ha, no worries. I was just teasing that those that made their passwords their rush or those that they were dating were often in middle school. Kinda like kid logic.

          • Emmie@lemmings.world
            link
            fedilink
            arrow-up
            0
            ·
            edit-2
            4 months ago

            I was dating as far as back as kindergarten so this is all very blurry history
            Middle school felt like middle age crisis I am not kidding, fuck that time period. When I look at my photos from then I see someone fatally depressed, pale skin and empty gaze held by the smiling, blissfully ignorant parents.

            God damn this is what happens when someone mentions middle school near me. Someone should blow that building up.

    • Ashyr@sh.itjust.works
      link
      fedilink
      arrow-up
      0
      ·
      4 months ago

      Can and absolutely do. Pet is my standard security question and it’s just a standardized password I use only on that field.

      • tyler@programming.dev
        link
        fedilink
        arrow-up
        0
        ·
        4 months ago

        You should most likely generate a unique one for each website, but I doubt any attacker is going to go to the trouble of capturing that once and trying it again as a security answer elsewhere.

        • FuglyDuck@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          4 months ago

          I use a password manager…. Generate a random string at 36 characters and then back off to whatever they’ll accept.

          The number of idiots forcing less than 24 characters for things like that’s… way too damn high. (Probably preaching to the choir here but there was an issue with windows screwing with the encryption or something “requiring” 24 instead of 12.)

          • Frog@lemmy.ca
            link
            fedilink
            arrow-up
            0
            ·
            4 months ago

            Sometimes banks ask me my answer to security questions. This ever happen to you?

            • FuglyDuck@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              4 months ago

              You… go into a bank?

              For what?!

              I could always show them my id or something. You know, the same one I showed to get the account.

        • dubyakay@lemmy.ca
          link
          fedilink
          arrow-up
          0
          ·
          4 months ago

          The bad part is of course when it’s not just the password leaking but the security questions and answers as well.

  • Frog@lemmy.ca
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    To Bones. You are a good boy. You also added a space after the “S”. It’s still you.

  • DragonTypeWyvern@midwest.social
    link
    fedilink
    arrow-up
    0
    ·
    4 months ago

    All y’all acting like Bones is a good boy who deserves to be the favorite when he is clearly being a BAD BOY.

    Maybe trying to hack his best friend’s account is why he isn’t the favorite!