OddThinking

A blog for odd things and odd thoughts.

Security Questions

“We’ve had some problems with the system, and we’ve had to reset all the passwords.” said the call-center agent, “Before I can tell you your new password, I need you to garlphrumph kwellaos.”

It was a standard problem: The voice-quality on the long-distance call was poor. Her accent wasn’t helping. On top of that, the ability to distinguish signal from noise when it comes to speech has never been a strong point of mine. I’ve always been crap at making out the lyrics from songs.

I asked her, for the third time in that call, to repeat herself.

“Before I can reset your password, I need you to answer some security questions.”

That wasn’t much better. In my attempt to set security questions that only I would know the answer to, I’ve set myself some doozies in the past.

Earlier the same week, I tried to access my mobile phone account from an Internet terminal. The password was securely stored at home in my Password Safe database, but I didn’t have access to it from where I was.

So what was the secret question I had left myself on the mobile phone web site? “What password is stored for this in your Password Safe database?”

Nice one, Einstein!

“Okay, what are the questions?”

“What was your mother’s maiden name?”

Okay, that was easy. I told her the answer (as could dozens of other people who know me).

“What’s the name of the guy on first?”

What sort of security question is that? Could the answer really be “No! What’s the name of the guy on second! Who’s on first!”? But that’s hardly a secret. Did I really set that? Maybe I meant something else. How else could that be read?

I laughed: “Was that really my security question?”

She patiently repeated the question, a little more clearly this time: “What was your place of birth?”

Oh! I understand now!

Penny Arcade on Security Questions

Penny Arcade on Security Questions


Comments

  1. I like the idea of mondegreens as security questions.

    Q: Please complete the line “excuse me while I”
    A: “Kiss this guy”

    For suitably obscure songs this could be more secure than the mother’s maiden name question!

  2. How much do I love having a good memory! (Before I had a mobile phone, I used my memory, rather than an address book, to store all my contact numbers and addresses)

    But even with this, there are still too many login names and passwords to remember (or to bother to remember, I think, is more the case). So this is my system:
    1. If I need to remember it (i.e. if security is important, or I use it fairly regularly, or remotely) then I remember it.
    2. If I don’t need to remember it (i.e. security is not a big issue, or if the password can be derived using other means) then I don’t bother trying.

    Simple.

Leave a comment

You must be logged in to post a comment.