Alert
Close

Think you know AARP? What you don't know about us may surprise you. Discover all the 'Real Possibilities'

Highlights

Open

Contests and
Sweeps

Safe Driving in 2014 Sweepstakes

Learn how AARP Driver Safety can help you stay safe—and enter for a chance to win $1,000. See official rules. 

Driver Safety

Piggy bank on the road - AARP Driver Safety

Take the new AARP Smart Driver Course!

AARP Books

Visit the Money Section

Enjoy titles on retirement, Social Security, and becoming debt-free.

webinars

Learn From the Experts

Sign up now for an upcoming Money webinar or find materials from a past session. 

Jobs You Might Like

most popular
articles

Viewed

Scam Alert

Answering ‘Secret Questions’ for Online Security

The difference between secure computing and falling victim to online fraud or identity theft often comes down to a dozen or so keystrokes: your password and answers to those security questions that websites figure only a real user would know.

In the second of two parts , Scam Alert explores problems with commonly used security questions, and how to create answers to bolster online security. In part one, we looked at ways to create stronger log-in passwords.

To add an extra layer of online security and verify a legitimate user who has forgotten a password, many websites now require answers to “secret” questions.

Obviously, the classic “what’s your mother’s maiden name?” is a poor choice, since a skilled hacker can find the answer at government offices that post birth records and marriage licenses online.

But what about other common offerings: Your pet’s name? Your favorite color? The make or model of your first car? The city where you were born, street where you lived, or name of your high school?

Although you may feel secure with such security questions, a recent study by Microsoft Research indicates that answers to such questions are quickly and easily guessed 17 percent of the time.

Consider the math

• Most people use one of eight choices for their favorite color.

• The 15 most common street names are numbers between First and Eighth, or the names of trees (Oak, Pine, Maple, etc.)

• For hometowns, there are 20 extremely popular answers—the 10 largest cities or the 10 most common town names: Fairview, Midway, Oak Grove, Franklin, Riverside, Centerville, Mount Pleasant, Georgetown, Salem and Greenwood.

• Your high school’s name? A quick check of registrants on Classmates.com can reveal that.

• Lists of popular pet names, such as Max, Buddy and Molly, are widely publicized, and any pet name that is known in your neighborhood can be learned by a hacker.

So how can you really boost security when given a menu of weak secret questions?

Invent obscure answers

Websites have no way of really knowing where you were born or your childhood street. So if you choose a geographic question, choose a bogus or altered answer that’s easy to remember:

• Pick the hometown of a relative instead of your own.

• Use symbols and numbers, such as “At3lan&ta” as opposed to “Atlanta.”

• Make it up: Zebulon or Funkytown aren’t foolproof, but they are harder to guess than Cleveland or Seattle.

• Instead of using your childhood street name, use that of your grade-school best friend who lived on the next block.

• Instead of picking “orange” as your favorite color, use “cantaloupe,” “melon madness,” “autumn dusk” or other hacker-resistant hues. For inspiration (and an easy-to-file answer), get a free sheet of “color chip” samples in the paint department of your local home improvement center.

Try to pick your own question

Some, but not all, websites allow you to choose your own secret questions. Here are some good ones, according to Mark Burnett, an online security expert and author ofHacking the Code:

• What were the first and last names of your first boyfriend or girlfriend? (Avoid current spouses.)

• What was the phone number in your childhood home? (Unless it’s also your current number.)

• What was your favorite place to visit as a child? (A museum or zoo is stronger than a vacation spot.)

 

Topic Alerts

You can get weekly email alerts on the topics below. Just click “Follow.”

Manage Alerts

Processing

Please wait...

progress bar, please wait

Tell Us WhatYou Think

Please leave your comment below.

The Cheap Life

Jeff Yeager Cheap Life Ultimate Cheapskate AARP YouTube web series save money

Catch the latest episode of The Cheap Life starring Jeff Yeager, AARP's Ultimate Cheapskate. Watch

Discounts & Benefits

From companies that meet the high standards of service and quality set by AARP.

AARP Credit card from Chase

Members can get cash back rewards on purchases with the AARP® Credit Card from Chase.

AARP Financial Services

Info on saving for education from AARP® College Savings Solutions from TIAA-CREF.

Member Benefits

Join or renew today! AARP members receive exclusive member benefits & affect social change.