Latest Article
How Account Security Questions Can Get You into Trouble

Do you remember when you set up your Facebook, MSN, or online banking account? You were asked to choose security questions with answers that would identify you as the account owner. These were supposed to be questions that only you could answer in case you forgot your password. Typically, they would be questions like the name of your elementary school or your first pet. Seemed obscure enough, right? Well, unfortunately, not obscure enough!

Who would guess that you attended Roosevelt Elementary School? Hackers, that’s who! With a little Internet-based research and a few educated guesses, they can arrive at answers to your questions, reset your password, and gain access to your account.

So what can you do?
Many of us are surprised at how much information we can find about ourselves when we google our own names. (Admit it, you’ve tried it!) But even if the answers are out there in cyberspace for anyone to find, you can still take measures to protect yourself. The following tips can help make the answers to your security questions a stronger safeguard against hackers.

  • Add a twist to your answers. Write them backwards, add an important date that has something to do with the answer—anything you can do so that a hacker cannot simply research or guess your answer. For example, if your first pet’s name was Max, add his birthday and a symbol or two to give your answer a twist, as in <3Max8.12.2010.
  • Research yourself. See what pops up in a quick Google search. Maybe you were a star basketball player, and your name and high school are listed in an article. If a security question asks where you went to high school or what year you graduated, add a twist to the answer or choose a different question. You may also find that parts of your social networking profiles are public, putting even more of your sensitive information at risk. Discover what’s out there and choose questions with answers that are not readily available to anyone with an Internet connection.
  • Create your own security question. Many sites offer this option. Think of a question that only you could answer, and be sure it’s one that you will always remember.
  • Add safety features. Social media, e-mail, and other online accounts offer optional safety features. Facebook, for example, can text you an alert with a new code every time someone tries to log into your account from an unknown computer. If someone is trying to reset your password by cracking your security questions, he or she will be prompted for—and stopped by—that code, and you’ll be notified of the attempted breach.
As with any technology, the safeguards that seem so secure in the beginning can be quickly compromised. That doesn’t mean that we should give up the technologies; it just means that we have to stay a step ahead of the bad guys. A few simple changes to your security questions can help ensure that you, and only you, have access to your online accounts.

2017 Commonwealth Financial Network