Please Answer the Security Question

At my dayjob, I have to change my password every six months.

Such is the tyranny of IT.

And really, I understand. I do. I mean, sure, a part of me wonders what bereft soul out there truly wants to hack into my user accounts to obtain all sorts of deadly dry government reports. I can just imagine this villian. “Bwah ha ha ha! I refuse to capitulate to regular channels and FOIA this! I shall STEAL the information and then… and then… I shall HAVE it!”

This is why I don’t write espionage novels.

The thing is, I’ve been coming up with passwords for over twenty years now. Most of us have. When the whole computer thing, followed very quickly by the computer security thing, started ramping up, I had a system for passwords. I had a low-security password that I used for all sorts of non-financially related information, a medium-security one for more sensitive stuff and a high-security one for stuff that connected to money.

Yeah – I have nothing more important than money to protect.

Back then, I understood my tiering system. It was based on a coding only I understood. I easily remembered my passwords. Then they started telling me how my passwords should be. You know what I mean. More letters. Symbols. No leading or following numbers. And with complication the IT folks developed to foil hackers, the less likely they made it for me to remember all the contortions of my passwords. In fact, my passwords have gotten more consistent in many ways, because I don’t dare add my arcane spin on top of all of theirs.

And then.

The security questions started in.

Yeah, I know I’m supposed to know the answers to these things. After all, I put them in. Still, when I’m trying to transfer money in between conference calls and the computer asks me for the name of my first pet, I have to pause and think. What would have the past tense me have answered? The dog we had when I was born? The cat who was run over on the highway when I was four? The first cat that was really mine?

Or name of my paternal grandmother? Come on guys – like I have only one paternal grandmother?? We live in an age of multiply blended families. Did I pick my blood father’s mother or the mother of the stepfather who raised me? Besides, I always called her “Grandmother” – how did she spell her name again?

And don’t get me started on those first grade teacher ones. I had a team of six teachers (as I recall) and I can think of the names of about half of them. Favorite sports team? I don’t watch sports. Favorite song – are you kidding me?? When people ask me for my favorite song, book, movie, dessert, beetle or Beatle, I generally pick whichever feels shiniest to me at that moment. I don’t dare record that and hope to remember what past tense me thought she liked on any given day. As for my high school mascot, I can never remember if I think it’s singular or plural, the full name or the shortened version.

Recently, with the big Zappos hacking, I had to relinquish my low-security password. It was past time and I knew I had to do it. But it was my first password, nice and obscure, but I’ve been using it easily since 1988, I kid you not. I used it on sites like Zappos – the ones that insist I register as a customer, but with no consequences. I really didn’t care if someone ran amuck on Zappos masquerading as me, since I didn’t store any personal information on there. What were they going to do – screw up my shoe size preference?

Still, Zappos kindly sent me a warning saying that, if I used this password anywhere else, I should probably change it.

You people would not believe how many places I’ve used this one stinking password. I’m still finding them. It’s like cleaning out nearly twenty-five years of basement crap. And then examining each thing, cleaning it and slapping a brand new, infinitely more complicated password on it.

So, tell me I”m not alone in my rant. What’s the worst security question you’ve encountered?

12 Replies to “Please Answer the Security Question”

  1. I’ve been migrating my low security password, too, since that Zappos email! I just thought about it this morning. This is a fun post. But really, those security questions seem so useless now, with so much on the Internet. I like it when you can make up your own security question.

    1. That’s so funny, Carolyn! We are all brothers and sisters in Zappos! And so true – if anyone wanted to compile information on me, I’m sure they could answer all of my security questions. I don’t think I’ve gotten to make up my own. Which is your favorite mole? I’m liking this!

  2. There is a new trend to NOT have the standard questions, Like grandparents, place of birth, etc, and to instead be more obscure, and only offer teacher’s names, school you attended for the first grade. Your telephone number when you were three (ok, that’s a far fetch, but there was something about your address when you were five). I was a military brat, and we moved regularly. If we weren’t moving cuz dad got reassigned, we moved cuz we found a cheaper house. That meant different schools too. All these “when you were a kid” things, they need to go. Cuz the only person who knew the answer to those was my mom and she’s gone now, so I’m totally hosed. I can tell you what it felt like to learn to ride a bike, but I can’t tell you what the zip code of my dad’s house was when I was in the 1st grade!

    1. You know, Teresa, I think the problem is that it’s 20-something techies thinking up the questions. They have no idea that, in 20 more years those details won’t be burned into their brains anymore.

  3. LOL – I’ve been planning a blog post on this very topic. One of the recent options I was given was “what is the name, breed, and color of current pet”. Uh-huh. That means I’d also have to remember how I *punctuated* my answer! Two commas, three, or maybe none! Ridiculous.

  4. No one says you have the give the correct answer to the security question – how would they know if it was right or not? 🙂

    What I hate is when they make you do a complex password, and then don’t give you the hints to help you remember what iteration you may’ve used to make the standard password complex (like 1 capital, no ending with a number, etc.). So then you have to go through the whole reset password thing, and make up yet *another* obscure password and then hope you remember the rules when you go there again.

    Not nice to those over 40, I agree.

    1. I’ve thought about making up an answer, but then I’d be faced with trying to remember what I made up!

      The iterations thing drives me nuts. Did I start with an asterisk and end with a number? The reverse? I’m almost ready for retinal scanning…

  5. Name of my favorite childhood friend? favorite pet?

    That was the security question that stopped me short. I’m supposed to play favorites and remember?

    Or childhood street address?

    Like many, I moved a lot.

    I’m starting to buy in on the idea of retinal scanning too.

  6. I guess most of the places I go aren’t too picky about how passwords go – letters and numbers in no particular order and without punctuation marks. What I hate are the ones that make you change your password every three months and you can’t use any incarnation of any password you’ve used in the past year. Stupid hackers and identity thieves. Life would be so much easier if people just stopped all that crap. Bleh.

    From now on, I’m answering security questions with a set of made up answers. First address? 9021 Biteme Dr. First pet? BaddogEvilKitty Mother’s maiden name? Petri-dish

Leave a Reply

Your email address will not be published. Required fields are marked *