- Pick a short phrase, like "supersecret23" (shhhh, don't tell it to anyone!)
- Pre- or append it to the answer of every question on every service
Tinker, build, hack, preferably with APIs.
Q: what do the hacking of Sarah Palin's email account and the exposure of hundreds of confidential Twitter documents have in common? A: Hackers broke into both the same way—not by knowing the password, but by figuring out the answers to security questions. choosing good passwords, those are just the keys to the front doors. What happens when you've forgotten your key? You get in through the "back door", which is usually locked with questions like, "What street did you grow up on?" and "What's your favorite food?" Many of the answers to these questions can be guessed with clever Googling. And if you've ever used a Facebook Quiz or App, you've granted it access to a wealth of personal data. Whether or not a developer has evil intentions, that data goes into a database somewhere, and THAT database could get hacked (Facebook's terms of service won't stop the leaks). If you assume the worst—that the answers to those questions are discoverable—then how can you secure your account? Like this: