So 6 years ago, I wrote this little diddy on how to handle password reset (Security) questions. This still applies today. The trick is to lie consistently.

In light of the iCloud exploit I've been thinking a lot about secret questions for password retrieval. I've never liked secret questions as a way to retrieve / reset passwords. Anyone who's known me a while can answer them. If you're a public figure the answers to your secret questions can often be found on your wikipedia page or your latest teen beat interview. You might be saying, "Yo wise guy, you have to answer the questions"... yes but you don't have to do it honestly, you just have to lie consistently. Google isn't checking against a database where you went to School, they just make sure you answer the same way when you set it up and when you are requesting a reset.

Without giving away more information, I've always used a different person's bio when answering secret questions. For Example:

1) Name of Street You Grew up on: Privet Drive

2) Mother's Maiden Name: Evans

3) Name of your Best Friend: Ron Weasley

4) School: Hogwarts School of Witchcraft and Wizardry.

5) Favorite Sport: Quidditch

6) Make / Model of Car: Buckbeak

... etc, etc

The person can be fictional or a real person. Before you try, the person I chose is not someone from sci-fi / fantasy fiction. We all have the biographical data about someone else in our heads whether it's a character out of a book, an actor, a sports figure or a politician. Odds are you'd be safer then using your own data.