this post was submitted on 09 Feb 2026
686 points (97.5% liked)
Comic Strips
22052 readers
3016 users here now
Comic Strips is a community for those who love comic stories.
The rules are simple:
- The post can be a single image, an image gallery, or a link to a specific comic hosted on another site (the author's website, for instance).
- The comic must be a complete story.
- If it is an external link, it must be to a specific story, not to the root of the site.
- You may post comics from others or your own.
- If you are posting a comic of your own, a maximum of one per week is allowed (I know, your comics are great, but this rule helps avoid spam).
- The comic can be in any language, but if it's not in English, OP must include an English translation in the post's 'body' field (note: you don't need to select a specific language when posting a comic).
- Politeness.
- AI-generated comics aren't allowed.
- Adult content is not allowed. This community aims to be fun for people of all ages.
Web of links
- !linuxmemes@lemmy.world: "I use Arch btw"
- !memes@lemmy.world: memes (you don't say!)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
you need to never use the "security questions" ever...
The security questions are often forced.
The trick is to make up answers. Have some go-tos or a pattern that only you know and no one else could guess with information from your life.
Why yes, I did grow up on AmazonFakeStreet. Oh, my spouse? MicrosoftSpouseName of course.
so the funniest thing, we were sitting around at a family reunion. someone asked, so do we all use the same answers for our security questions? and uh, turns out we all do. same made up answers (everyone had the same favorite cat. whose favorite person was me awww yisss), but the same answers. and that moment we decided to update our security procedures.
You get security questions asking you who your "favorite person" is?
Hmm... SELECT * FROM Users WHERE SecurityResponse2 = "*Epstein"
I bet Jesus is a popular answer.
It's the cat, yeah
the trick is q'wdsjfaosdijgoasfgnsdk;jfavfghoiaerjhpguewrhjtiwuerth
never ever put any non-random information there.
i had a 70 year old guy getting divorced, because his wife of similar age "hacked" his email by entering name of their parrot and found out he is emailing with another 70 yo lady.
Ideally you still want it to be something you'll remember, unless you're using a password manager capable of tracking those for you.
The mistake that guy made is that he still chose a name he had some attachment to. You want to make sure you choose something you have no attachment to whatsoever.
And then never reuse the same answer between different services, just in case one of them is storing them as plaintext.
what you are describing is password and we use wallets for these. the problem is, that various services intentionally presents "security question" as sort of a fallback for when you forget the password, because you wouldn't forgotten your first pet's name, right? it is fundamentally wrong approach.
what you are describing is treating the "security question" as second password, which is possible, but kinda pointless. if you have good password stored in the wallet, it is safe and you won't forget or lose it. and if you lost it, it is probably because you lost access to the wallet, so saved security question you treated as a second password and stored in the same wallet is kinda useless now.
I'm just recommending that folks treat the answers to the security questions, at a minimum, like they treat their passwords themselves. The security questions are a way around the password, and so they should be kept just as secure and hard to guess.
If you're using a secure password manager, great, that's exactly the best approach. The majority of people don't, which is where this sorta thing becomes an issue. If you have a password manager and the service you're using forces you to answer security questions, of course you can let the password manager generate something just as random as the password itself (provided it can remember it and can track which term corresponds to which question). For anyone who does not, it's just important to choose something you'll remember but no one who knows details about your life can simply guess. Otherwise it doesn't matter how secure your password is.
You can't even install Windows (local account) these days without answering 3 of these. If you ever click on one of the recovery options, you'll be asked for one of them.
My solution is usually to just randomly smash the keyboard for a while.
The worst about those is that they only give you 6 questions to choose from, and all of them are really bad as security questions.
They should have had a list of at least 20 to choose from. Preferably the ability to enter your own as well.
Well... there's your problem. ;}
No, cause it's at work and not my choice. It's also just one example of many. I don't run Windows on any of my own PCs any more.
My sympathies. It was meant very much tongue in cheek, hence ;} (I'm sure there's an emoji, but I don't think I will :)
i do the same.