20 Common Security Questions You Shouldn’t Answer on Social Media
Before you play a new meme on platforms like Facebook, make sure they don’t contain possible security questions that could compromise account security.
Security questions are used on various kinds of websites for people who’ve forgotten their password. But sometimes, seemingly innocent memes circulating on social media sites like Facebook ask some of those very questions.
You want to make sure you don’t answer them because doing so could make your accounts less secure.
Here are 20 such questions you should always avoid posting answers to:
- What is your mother’s maiden name?
- What was the make and model of your first car?
- What was your first job?
- In what city were you born?
- On what street did you grow up?
- What was the name of your elementary/middle/high school?
- What was your elementary/middle/high school mascot?
- What was the name of your first grade teacher?
- Where did you spend your honeymoon?
- Where did you meet your spouse?
- What was the name of your first pet?
- What is your favorite sports team?
- What is your favorite movie?
- What is your closest sibling’s name?
- What is your favorite food?
- What street did you grow up on?
- Where were you married?
- Where’s the first place you spent a vacation?
- What is your paternal/maternal grandmother’s first name?
- What is the first name of your first boyfriend/girlfriend?
One of the tricky things about these questions is they seem so innocent. It’s easy to think nothing of providing the answers.
But then someone could potentially attempt to login to one of your accounts using the “forgot password” option. Granted, they’d likely have to have access to either your smartphone or your email account as well, but if it’s someone close to you who might occasionally be able to get to your email, it could be a problem.
Some websites, incidentally, allow the password reset to happen immediately online. They then send an email within 10 minutes or so to the registered email address notifying the registered user of the change.
Here are 3 things you should be doing.
A search of public records can likely supply answers like your mother’s maiden name or the city in which you born.
There’s not much you can do about that, unfortunately.
But there are a couple of things you can do.
Many sites these days are finally giving users the chance to create their own security questions. If you have this option, take it over the pre-selected generic questions. Craft questions that only you would possibly be able to answer, even if the questions seem totally off the wall. (After all, you’re supposedly the only one who’ll ever see them.)
Another way around the security question issue is to answer falsely or use alternate spellings for the right answers. This trick can make it difficult, if not impossible, for someone to guess the answers to potentially pull off a password reset.
Finally, it’s time to adopt a practice that used to be considered a pain in the butt: two-factor authentication. For this, you have to have your smartphone standing by when you log in. You use an app like Google Authenticator or receive a text message to obtain an extra numeric code. You enter this after you enter your password. If you don’t have both, you don’t get in, period.
Call it paranoia, but if you put out too much information and someone’s successfully able to get access to an important account — your bank, for instance — you might end up wishing you’d been a bit more paranoid.
And by then it’d be too late.