Stop Using your Personal Data for Passwords and Security Questions

Posts like this are popping up across my facebook feed and I want to say, I think you're all looking at this wrong.

Many people already know this information about you already. Friends from your school days who are no longer in your life, Ex-Lovers, that cousin of yours who's less then desirable. Some questions like High School Mascot can be derived from your resume. Others like Mother's maiden name are a matter of public record.

  1. Passwords should be random eg &Rtbpb4WWS9G (not my password on any system) can't be guessed no matter how well you know me.
  2. Don't use your personal information to answer security questions, no one is validating the information. You just need to know what the right answers are. You can use a fictional character and answer as them, (What street did you grow up on? "Baker Street", Who is your best friend "John Watson", etc.) Alternately, you can just respond with non-sense (Favorite Color: "Eighteen", Where did you go to Middle School: "The Piggly Wiggly". Etc.). You don't need too be "correct",  you just need to be consistent.
Image
Fist Bump