How to use password hints and security questions safely

When an account requires security questions or password hints, there is a good chance you have not been filling them in the safest way. To protect the account, you should not answer these fields truthfully.


Understanding password hints vs. security questions

While these two account security features may sound similar, they are actually different.

Password hints are just a small memory aid for a forgotten password. They're shown to anyone who reaches your login screen and tries to enter your password, which means they shouldn't be too revealing. Depending on the service, the hint may only appear after several wrong password attempts, or it may appear as soon as you click a "show hint" button.



While password hints aren't as common as they once were, some online services still use them. macOS has a password hint option, as does Windows 11 (though only if you're using a local account).

Meanwhile, a security question is a layer of security used as a form of two-step authentication or to verify your identity when you are locked out of your account. When logging in on an unfamiliar browser or recovering your account, you may be asked to confirm the answer to one or more questions.


While your first instinct with both options is probably to answer honestly, it's not a good idea from a security standpoint. There are better ways to use these fields, whether you're forced to use them or want to use them yourself.

Use random passphrases for security questions

The problems with security questions are well documented. Since these questions often ask for publicly available information, anyone with malicious intent can easily obtain the answers.

Your mother's maiden name, favorite color, the street you grew up on, and similar information can be accessed by scouring social media and public profiles. Worse still, some security questions have a limited pool of answers; for example, there are only a few possible favorite colors.


Therefore, the best way to use security questions is to give made-up answers. Don't pick answers that are false but still plausible for the question, because those are nearly as easy to guess as the truth. Instead, treat each security question as another password field and choose a random passphrase that is practically impossible to guess.

For example, instead of lying that your mother's maiden name is "Griswold," your answer to the question might be "Gratifying Lambasted Narwhals." This is unrelated to the question and extremely difficult to guess, but not difficult to remember — one of the main advantages of passphrases over passwords.

Note: Some companies will ask you to answer a security question to verify your identity when you call. Avoid symbols and phrases you cannot pronounce easily, so you don't end up in an awkward situation on the phone.

Keep the answers to your security questions safe

Ideally, you should store these generated answers in a password manager so you don't have to remember them. Using a password manager is essential to online security in many ways. If you're not already making your passwords more secure with a password manager, this is the best step you can take.

Depending on your password manager, there may be a dedicated field for security questions. If not, use the Notes field for that site (every password manager offers one). When the site asks the question, simply copy and paste the passphrase from your password manager.


Warning: Make sure you note which answer goes with which question, because a strong, random answer carries no clue about the question it belongs to!
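To make the advice in the passphrase section and the storage section above concrete, here is an added example (not code from the article) that draws random answers from a word list with the operating system's cryptographic random source, keeps them letters-only so they can be read out over the phone, records each answer next to its question for a password manager's Notes field, and compares the guessability of a random passphrase with an answer picked from a small pool such as the twelve birth months. The word list is a short constructed one for illustration; the 7776-word figure used in the comparison is the size of the EFF long word list, and a real generator should use a list of that size.

```python
"""Random security-question answers, with a guessability comparison.

Added example, not part of the article. Assumptions: any list of plain
dictionary words works as WORDLIST; the constructed list below is far too
small for real use and only shows the mechanics.
"""
import json
import math
import secrets

# Constructed, deliberately small word list (all lowercase letters, no
# punctuation, so every generated answer stays pronounceable).
WORDLIST = [
    "gratifying", "lambasted", "narwhal", "copper", "velvet", "harbor",
    "meadow", "quartz", "saddle", "thimble", "walnut", "zephyr",
    "bramble", "cobalt", "ember", "falcon", "glacier", "juniper",
    "kestrel", "lantern", "marble", "nimbus", "orchid", "pebble",
]

# Size of a realistic word list (the EFF long list has 7776 words).
REALISTIC_WORDLIST_SIZE = 7776


def entropy_bits(pool_size: int, choices: int = 1) -> float:
    """Bits of entropy for `choices` independent uniform picks from `pool_size` options.

    A 'favorite color' or 'birth month' answer is one pick from a tiny pool;
    a passphrase is several picks from a large pool.
    """
    if pool_size < 2 or choices < 1:
        raise ValueError("need at least two options and one choice")
    return choices * math.log2(pool_size)


def random_passphrase(words: int = 3, wordlist=WORDLIST) -> str:
    """Build a passphrase with `secrets.choice` (CSPRNG), never `random.choice`."""
    if words < 1:
        raise ValueError("a passphrase needs at least one word")
    return " ".join(secrets.choice(wordlist).capitalize() for _ in range(words))


def is_phone_friendly(answer: str) -> bool:
    """True when the answer is letters and spaces only, so it can be read aloud."""
    return answer != "" and all(c.isalpha() or c == " " for c in answer)


def build_answers(questions, words: int = 3) -> dict:
    """Map every question to a fresh random answer, keeping the question as context."""
    answers = {}
    for question in questions:
        answer = random_passphrase(words)
        # The word list guarantees this, but check anyway before storing.
        if not is_phone_friendly(answer):
            raise RuntimeError("generated answer is not pronounceable")
        answers[question] = answer
    return answers


def notes_entry(question_answers: dict) -> str:
    """Serialize question/answer pairs for a password manager's Notes field."""
    return json.dumps(question_answers, indent=2)


def passphrase_beats_pool(pool_size: int, words: int = 3,
                          wordlist_size: int = REALISTIC_WORDLIST_SIZE) -> bool:
    """True when a `words`-word passphrase has more entropy than one pick from `pool_size`."""
    return entropy_bits(wordlist_size, words) > entropy_bits(pool_size)


if __name__ == "__main__":
    # Constructed questions of the kind a site might require.
    questions = ["Mother's maiden name", "Favorite color", "Street you grew up on"]
    print(notes_entry(build_answers(questions)))
    print(f"birth month: {entropy_bits(12):.1f} bits")
    print(f"3 words from a 7776-word list: {entropy_bits(7776, 3):.1f} bits")
```

The comparison function generalizes the article's "12 months versus many sea creatures" point: whatever the pool size of a real answer, a few random words from a large list give far more entropy, which is why the random answer wins even for the "better" question.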


Make password hints meaningful only to you

A password hint should never help anyone else guess your password. The easiest way to achieve this is to use a password manager for everything and set every hint to "password manager".

Memorize a strong master password for your password manager, so you don't have to worry about hints for other passwords. Don't name the password manager you use in a hint: doing so would tell a potential attacker exactly which application to try to break into with your email address.

If you don't use a password manager for some reason, password hints are harder to use securely. In general, if a password is simple enough that you can describe it with a hint (like "childhood school plus dog's name"), it's too weak.

A better setup is to use a passphrase pattern that has an ambiguous meaning. You might choose to combine the second word of a song, the middle 5 words of a quote, or something similar – the more obscure the better. Your password hint could then be something like 'best quote' to tease your mind without giving it away.


For your most important passwords, like your password manager's master password, you might consider making a physical backup. The hint can then point to where that backup is kept at home (e.g., "in the middle of the last book you read").

Which option should I use?

The above advice is useful for accounts that require you to use security questions or password hints. But if you can, you should opt out of these options or turn them off. Any other two-factor authentication method is better than security questions; you're better off using an authenticator app.

You should review your accounts and disable security questions where possible, or replace your answers with stronger ones. This is especially true for accounts you've had for a long time, as they're more likely to still rely on security questions.

A particularly annoying case is security questions where you are limited to a drop-down menu. When you are stuck with these, you still should not answer honestly. Also, you should choose questions that only you know the answer to, rather than questions that someone else could answer with public information.

Take United's security questions, for example: Your favorite sea animal is a better question than your best friend's birthday month, even if you make up the answer. There are only 12 months, while there are more types of sea creatures — plus, you're less likely to share the latter in person or online.

Everything about passwords is stronger when they're random. That goes for security questions and password hints. When you have to use them, create a random answer that you store in a password manager for safekeeping. And when you have the option, turn them off and use a stronger 2FA method.
