Tell your senator to end the gridlock and renew the Older Americans Act now. Learn more

Bits & Bytes

Most Popular


Ask Sid

Setting Up Web Security

For online protection, say your favorite color is "cantaloupe," not "orange"

Q. How effective are those "secret" security questions required on many websites?

A. Questions such as your favorite color, pet's name or birth city are meant to provide an extra layer of online protection and help verify your identity if you've forgotten a password.

But a study by Microsoft Research and Carnegie Mellon University indicates that people who know you, but not your passwords, can typically guess your answers about 17 percent of the time. About 13 percent of answers can be guessed within five attempts by non-acquaintances (including hackers).

So when given the traditional menu of secret questions, it pays to be creative.

For instance, when asked "What is your favorite color?" avoid the eight basic colors used by most folks. Instead of orange, for instance, use "cantaloupe," "melon madness" or "autumn dusk," getting inspiration and an easy-to-file reminder from color chip samples at the local paint department.

Always avoid questions seeking your mother's maiden name or your birth year or birth city. Those answers can often be found online. Also give a pass to "what was the name of your high school?" — especially if you visit reunion websites or note your school on Facebook.

Another approach is to tweak your answers with numbers and symbols. If you're asked for the city of your birth, answer "At3lan&ta" as opposed to "Atlanta." You can also just make one up: Funkytown isn't foolproof, but it's harder to guess than Cleveland — and website managers won't be checking your birth certificate.

Of course, if your sign-in sessions are few and far between, you might want to make a note of these answers and keep them in a safe place.

If a site lets you create your own secret question, here are some safer options, according to online security expert Mark Burnett, author of Hacking the Code:

  • The first and last name of your childhood sweetheart (but not if that person became a current or past spouse).

  • A phone number remembered from childhood (but not your current number).

  • A favorite place to visit as a child — and a particular zoo or museum is a stronger answer than a vacation spot or the predictable Disney World.

  • Your favorite actor, artist or musician (assuming you don't regularly wear that Springsteen T-shirt).

Sid Kirchheimer writes about health and consumer issues. Check out the Ask Sid archive. If you don’t find your answer there, send a query.

Topic Alerts

You can get weekly email alerts on the topics below. Just click “Follow.”

Manage Alerts


Please wait...

progress bar, please wait

Tell Us WhatYou Think

Please leave your comment below.


Social Networking

Step-by-step instructions on how to use some of the Web's most popular networking sites. Go


How to Use Your PC

Guides covering everything from setting up your desktop, to getting the most out of Excel. Go


Protect Your Digital Life

Keep your computer secure, your web surfing safe, and your inbox spam free with these tips. Go


Discounts & Benefits

Geek Squad Computing

Members save on Geek Squad services with Geek Squad® Tech Support & Guidance for AARP® Members.

AARP Discounts on ADT Companion Services

Members get 20% off NEW installation and activation of ADT® Personal Emergency Response System.

AARP Discounts on Consumer Cellular Phones and Plans

Members save 5% on monthly service and usage charges with Consumer Cellular.

Member Benefits

Members receive exclusive member benefits & affect social change. Join Today


computer questions and tips

Computer Questions & Tips

Pick up some handy how-tos from this savvy group of techies. Discuss


Freebies Group

Favorite Websites & Freebies

Share your top sites for interesting information, helpful resources — and free stuff! Discuss