What was the name of your first pet? What is your mother’s maiden name? What was the make of your first car? What is the name of your favorite child?
Used for online account recovery, we’re faced with these queries nearly every time we register with a new service or website.
You know the deal: choose about three questions (though the number varies) from a list of presets, and provide the answers in freeform text boxes. If you forget your username or password for that website in the future, answer one (or more, again, depending on the site) of your security questions correctly, and you’ll be granted access to your account.
Insert eye roll emoji
Security questions are common authentication mechanisms and, my goodness, they are a pain.
To start, the preset questions are often very narrowly focused. What if you’ve never had a pet? What if you live in the heart of a city and have never needed a car? Maybe you don’t know your father’s middle name, and perhaps you’ve never had the chance to travel and don’t have a favorite vacation spot.
I could go on. The point is that the questions are pretty exclusive — and often intrusive.
Oh, and then there are the answers — you know, those things you have to enter verbatim, possibly years from the date you write them.
The text fields provided for your responses can be filled with anything. What if you make an error and don’t notice? What if you are in a silly mood and craft a cheeky answer? You probably wouldn’t remember that particular sass three years later, when you need to recover the account.
Then there are websites that make you create your own security questions, which is fun (read: stressful and time consuming). We tend to run into even more trouble here. We typically use very simplistic questions, that are easy to answer, so we can get the process over with.
You’ll be shocked to hear that I have a solution for these woes.
It just so happens that 1Password is the simplest way to manage security questions and answers. It’s also the safest. Your classic win-win scenario! This is how it’s done.
Open 1Password. Click Generate Password, adjust any settings you’d like, then click Save & Copy. There’s your first security question, ready to paste in your browser.
Return to 1Password, open your saved Login item for the website - you probably just created it - and click Pin on Screen.
Click Edit, add a title like “Security Questions” in the Section field, then paste that first generated ‘password’ (your security question) in the “label” field.
To finish up, use the menu to make “new field” a password, click the gear icon to generate the answer to your security question, and save.
Exit stage left
Let’s be real here. Even before the pandemic (and other) insanity enveloped the world, we led crazy lives. It’s not practical to expect one to remember - to the letter - a phrase they typed months, or years, prior.
I didn’t touch on the fact that many websites keep these “security” questions much less secure than you may hope/think. And I’m sure you know they’re often very easily answered by people other than you. Our Chief Defender Against the Dark Arts, Jeffrey Goldberg, wrote about those very issues back in 2012 and his eloquent words hold true today (those retro screenshots, though).
But with 1Password, we’re afforded a bit of simplicity, and a lot of peace of mind. The creation and management of these omnipresent questions and answers is made much easier, and their security (at least, the part we can control) is second to none.