Summary

The context discusses the importance of providing false answers to security questions for website security, citing examples of questions that should be answered untruthfully.

Abstract

The context emphasizes that providing truthful answers to security questions can compromise one's security and financial accounts, potentially leading to identity theft and business losses. The author suggests answering security questions untruthfully, citing examples such as the name of one's pet, birthdate, city or hospital of birth, and first job. The context also highlights the potential loss of intellectual rights, trademarks, and patents due to providing true answers to security questions.

Opinions

Security questions are too obvious to provide truthful answers
Providing truthful answers to security questions could cost money and business losses
Providing the truth to security questions could cost one's intellectual rights
It's important to give false answers to security questions for website security
Common security questions such as pet's name, birthdate, city or hospital of birth, and first job should be answered untruthfully.

Why you must give security questions a false answer with some examples

It’s okay to lie a little for the sake of website security…no one has to know — and they shouldn’t know.

You know those “security questions” I’m talking about. They’re supposed to be easier to remember than your password, but they defeat the purpose of website security. This one time, you have to “lie” just to remain protected. I don’t give real answers to them, and here’s why and what questions you should most lie to.

1. The answers you give to security questions are too obvious.

I’m not that popular, but anyone who knows anything about me such as the birthdates of family members would figure this out. The same applies to the name of first pet or what city or hospital I was born. Some of the people from my life both past and present might even know what my first payroll job is. Nope, I’m not doing it for this reason alone, and you shouldn’t do it either. There’s more than just this reason though.

2. Truthful security questions could cost you money.

When protecting yourself against personal identify theft, honesty is never the best policy when answering online security questions.

You open yourself up to identity theft as easily as you would if you give someone your phone number. It’s as if you’re in one of those paper phone books everyone can see all over again. It’s about as much of a risk as is Google Maps on Street View. Think you can trust everyone you know, by the way? Here’s a good chance to find out — but don’t risk it. You could lose money.

3. Giving real answers to cybersecurity questions could cost you your business.

Commercial cybersecurity breaches take identity theft to a whole new level. Hackers could invade your financial accounts and send the money to somewhere halfway across the world if they want. They also could use the data they gathered during the infraction to undermine your entire company.

Before you know it, they could replace you as the new owner. You might not even know they were behind it. All this could happen if they just know you a little too well to gain unauthorized access to your accounts.

Regarding business breaches: Of course, it’s not quite that simple.

After all, it could be an inside job from someone who works under you or with you. It could even be a co-owner. In this case, you have to be extra careful what passwords you use on sites. Additionally, you have to add layers of security not known to them and limit their access to corporate accounts.

Still, if they get to know you well enough, there will be few secure passwords left to use. Don’t fall pray to those hackers you thought were your friends. Make it as hard as possible by lying on those security question forms.

4. Providing the truth to security questions could cost you your rights.

Again, business cyber security is more complicated than just providing a few secret questions on a personal account. However, it demonstrates how easy you can lose your intellectual rights, trademarks, prototypes or other trade secrets you thought were kept safe. Imagine it taking just a small phrase to lose your inventions, patents, copyrights, and other life’s work.

You should give false answers to these security questions:

(Besides “What’s your spouse’s mother’s maiden name?”)

What is the name of your pet?

Obviously, if I get another dog, I’m not going to make that the answer to my security question.

What is your (or your spouse’s) birthday?

Colleagues and acquaintances might have to know you for a while before finding out the answer to this, but they eventually might use it against you.

In what city were you born (or what hospital)?

Still, another obvious enough of a question, I think. The variation of this inquiry doesn’t matter.

What was your first job?

I did cave once because I was tired of remembering my false security answers. However, I don’t recommend adding this as one of your security questions — regardless of how long ago you worked there. Credit bureaus probably have all the intel on you from the year you were born, including this question’s answer. If you do use this question, make up a fictional world not found in popular video games.

By the way, this advice about “security questions” came before “cybersecurity” ever existed.

My landlord of one of my first apartments I rented and me were discussing credit card applications. Somehow, a joke about the “mother’s maiden name” related to filling out the forms to acquire a card came up.

“I just give them a false one,” he said.

I shot him a questioning wrinkle of the forehead and responded, “Hugh?”

“Yeah,” he answered.

My impressionable, 19-year-old mind thought this was one of the best slices of advice I ever had. Maybe that’s why I still remember it almost 30 years later. Don’t give any real answers to any security questions online — ever.