Don't Give Away Historic Details About Yourself (krebsonsecurity.com) 158
Brian Krebs: Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as "What was your first job," or "What was your first car?" The problem with participating in these informal surveys is that in doing so you may be inadvertently giving away the answers to "secret questions" that can be used to unlock access to a host of your online identities and accounts. I'm willing to bet that a good percentage of regular readers here would never respond -- honestly or otherwise -- to such questionnaires (except perhaps to chide others for responding). But I thought it was worth mentioning because certain social networks -- particularly Facebook -- seem positively overrun with these data-harvesting schemes. What's more, I'm constantly asking friends and family members to stop participating in these quizzes and to stop urging their contacts to do the same.
On the surface, these simple questions may be little more than an attempt at online engagement by otherwise well-meaning companies and individuals. Nevertheless, your answers to these questions may live in perpetuity online, giving identity thieves and scammers ample ammunition to start gaining backdoor access to your various online accounts.
On the surface, these simple questions may be little more than an attempt at online engagement by otherwise well-meaning companies and individuals. Nevertheless, your answers to these questions may live in perpetuity online, giving identity thieves and scammers ample ammunition to start gaining backdoor access to your various online accounts.
Social media (Score:5, Insightful)
The user is the product.
Stop wanting to be that product.
Turn off social media. Get a good VPN. Give your friends email. Use quality video chat. Join a forum, chat room on one topic.
Social media uses that information to build a profile on you and your friends.
What a person omits, fails to mention, lies about will be filled in by friends and family telling the truth. Data gaps are then not as privacy protecting as a state user expects.
Stop using social media and the data-harvesting can be limited to each site and each area of interest.
Re: (Score:2)
Stop wanting to be that product.
If you think that is driving people then you have a fundamental lack of understanding of why people do what they do.
Turn off social media.
If you think that is driving people then you have a fundam... yeah you get the picture.
Give your friends email. Use quality video chat. Join a forum, chat room on one topic.
Why not just post that people should roll back the technology clock by 20 years? Or does that sound like a much harder sell?
Re:Social media (Score:5, Insightful)
Why not just post that people should roll back the technology clock by 20 years? Or does that sound like a much harder sell?
Perhaps, given all the risks people have to face in life, the principle of privacy just doesn't matter that much to people. We eat in restaurants (food cooked by strangers), we drive cars (roads crowded by strangers), and go to the hospital (operated on by strangers), so the idea that strangers know something about your personality, social status, and buying habits, etc. is really neither here nor there. So Facebook's mission to connect everyone... ... to an advertiser, political party, etc. is not high on people's lists of worries in life.
The difficulty for IT people is that, it is a compromise, and so everyone has to pay lip service to the principle of protecting data, even though in practice, almost nobody cares. At least, not care in the sense of, you can get away with it so long as you don't happen to do something which can be sensationalised in a way that triggers people's emotions, which seems to be what happened here. Consequently, Facebook has to ban those companies, not because they were harvesting data (a feature, not a bug) but because they allowed the public to be spun a story about it in such a way that caused outrage. In other words, they allowed a stink to happen. THAT was their sin.
We might think the problem was that a strict rule or policy was broken, ie. data was harvested, and so tighter controls should be used, like some technology problem, requiring a spec and a solution, but no, the actual problem is that a stink happened.
Much of our modern society is built on trust, and that in itself has brought tremendous benefits -- this is a broad point, that you cannot live in a modern city and society if you do not approach hundreds of strangers you interact with, with a basic form of trust -- so we are not going to give up easily on that, because it has given us so much -- consequently, we will forgive and forget these abuses of trust.
I think the particularly isolated geek mindset can forget this aspect, that humans "stupidly" trust each other... but there's a bunch of very good reasons for that pattern.
Re: (Score:2)
If I could mod this up I would.
Re:Social media (Score:4, Insightful)
We also make sure the likes of doctors (who get to know an awful lot about you) are heavily regulated. Chefs aren't regulated as such, but they are bound by reputation somewhat, and in some places hygiene standards and whatnot.
However, that a chef knows you like fish and chips isn't much by itself. Likewise, your doc knowing that your cholesterol is a bit high isn't a thing in itself. Likewise, your gym knowing you haven't visited in 18 months isn't much of a thing in itself. However, join all those things together and your life insurance premiums just went up.
In the olden days this was done by gossip - people would pass snippets of knowledge between themselves and eventually a few people would piece together some facts about you. You'd then end up run out of town, or whatever.
Ultimately: centralised knowledge about you is usually a bad thing for you. It might bring some benefits here and there, but mostly it's not a good thing (if not now, then in the future).
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
A user puts in a random month when creating an account.
Social media friends and family then send the messages that show the actual month.
Re: (Score:3)
That's why your friends should not have your correct information either.
There are people who have known me for 20 years who still don't know my real name. Then again, I don't know theirs either. It's fine. A name is just a label used to address a person, and if you provide an alternative it's just as good.
Re: Social media (Score:5, Insightful)
Favorite color?
ch2zi656pf0u66ob089y0xu84
Mother's maiden name?
7zrhotbw9rx5ul6v029647371
What city were you born in?
su86wzr65u39h1z45f352q19u
Yes, you probably shouldn't answer those questionnaires, but you shouldn't be answering "security questions" either!!! Good opsec has always been to use a randomly generated response and treat as a secondary password. (I.e., Store in your password safe.)
Re: (Score:3)
Favorite color? #550077
This is Slashdot after all.
Re: (Score:3)
Re: Social media (Score:4, Interesting)
I always use the information for a certain fictional character-- it's easy enough to remember that character's info, and it's not yours. So, for example, Mister Spock's mother's maiden name is Grayson.
Advance disaster planning is wise... (Score:2)
A good point for potential disaster scenarios. Honestly, it caused me to reflect, and I was reassured by the following:
1) In my experience, my bank(s) use a different authentication process on the phone. They don't use my online security questions. I guess that definitely could be different for other people. (I actually would prefer they had stronger phone auth, but oh well.)
2) I suppose it's a tradeoff between guarding against the rather more likely event of a phishing/bruteforce/etc online attack that cou
Re: (Score:2)
What was the name of your elementary school? Blue.
What was the name of your first pet? Blue
What is your favorite color? Ticonderoga.
Re: (Score:2)
Definitely a 100 times better than answering honestly!
This was also my technique until I went to full random responses that rely on a password safe.
A few funny, memorable, nonsequitir questions and answers that only I would likely ever guess. The problem of course is backend compromise, reuse, etc.
Re: (Score:2)
But I'm color blind!
Re: (Score:2)
favorite color? blue.. no black..
cast into the bottomless chasm
AHHHHHHHHHHHHHHHHHHHHHHHHHH!
"Blue.. no black!" would be a pretty damn secure answer! :D :D
Re: (Score:2)
Thank you! :)
Hopefully they'll be worth something again someday.
Re: (Score:2)
I haven't seen that yet, but if I did I would be forced to recognize that this institution has no sense of security and make sure I have minimal financial exposure there. :D
33% random chance of successfully guessing the "secret security" response?!
Laughable, Bush League stuff.
Honestly? (Score:5, Insightful)
Honestly, I don't even tell the bank the real answers to these dumb questions. The reason is quite simple: someone could research and find the answers. Far better to just make up a set of answers to these sorts of things. Even multiple sets for different institutions. That's what I do. They have no business knowing details and they have proven they can't keep secrets.
Re:Honestly? (Score:4, Insightful)
This. Those 'security questions' are really just another password. I use random nonsense and put the results in my password manager. I'm a bit surprised that the various nefarious critters wandering about the bottom of the Internet would even bother at this level of trolling, but I guess you gotta make a living somehow.
Re:Honestly? (Score:5, Insightful)
Under no circumstances should you ever use a correct answer for a security question and the answer you have should never be reused. Many sties have a predefined list of security questions and there's a lot of overlap between those lists. An attacker that gets one set of security questions can probably reuse them on other sites beyond the one they attacked.
Re: (Score:2)
I have maybe 4 or 5 sites where I really care what happens. The majority of passwords I store however are for pointless sites that insist you must first register with an account before you can go further (getting support documents from vendors, adding my 2cents to a blog post, etc). I don't really mind so much of every single one of those pointless accounts was hacked or not, there's no useful information there and if somone pretends to be my alias on some random wordpress forum, who cares?
The thing is, fo
So you don't get joe jobbed (Score:2)
if somone pretends to be my alias on some random wordpress forum, who cares?
Someone might post something politically incorrect under your name in order to tarnish your reputation. It's called a joe job [wikipedia.org].
why the hell do I have or need an account at Office Depot? scifi.com? Excite? Hallmark???
Excite at least used to be an email provider. Syfy (formerly Sci-Fi Channel) is a provider of video programming to multichannel pay TV, and you need an account to verify that you subscribe to Syfy through a participating multichannel pay TV provider. You may have ordered some office supplies from Office Depot and allowed the site to store your shipping address in case you reorder the
Re: (Score:2)
One of my friends had one of his friends post a spoof of these questions. The "What's Gangster Nickname?" style of web sites, where you enter your first name and birth month and it spits out "Squinty McGee" or some such. So the person asked one of these on Facebook and the first question was your social security number. He quickly deleted the post because a few people actually started answering it instead of realizing it was a joke.
Re:Honestly? (Score:5, Informative)
This. The comment field in PasswordSafe is a wonderful place to store the made-up answers to those questions....
Re: (Score:3, Informative)
My answers are stored in a password safe.
Q: what was the name of the road you grew up on?
A: T59hZ3HNvx98RC
I've even had to give the "answers" once over a voice call to a CSR, and that works just fine. I got about halfway through reading the string of digits and they said "good enough" and moved on. Which was less than truly ideal, but good enough and worth a chuckle.
Re: (Score:2)
My answers are stored in a password safe.
Q: what was the name of the road you grew up on?
A: T59hZ3HNvx98RC
I've even had to give the "answers" once over a voice call to a CSR, and that works just fine. I got about halfway through reading the string of digits and they said "good enough" and moved on. Which was less than truly ideal, but good enough and worth a chuckle.
When reading that, I imagined hearing Patrick Stewart/Data reading that aloud [youtube.com].
Re: (Score:3)
Mod parent up.
Of course you lie. Just having an account with one of these things gives them the foot in the door.
The best way to combat surveillance is counter-surveillance and actively engage in disinformation.
Re: (Score:2)
Honestly, I don't even tell the bank the real answers to these dumb questions. The reason is quite simple: someone could research and find the answers. Far better to just make up a set of answers to these sorts of things. Even multiple sets for different institutions. That's what I do. They have no business knowing details and they have proven they can't keep secrets.
You don't understand.
You don't get to choose the questions, nor the correct answers.
These questions/answers are composed of information that was mined from your past.
The first time my bank hit me with a quiz like this, I had to dig through my files for some of the answers, because it was from so far in the past.
Re: (Score:2)
Yup, I got hit with that once or twice. Those are questions based on a credit report, so anyone who can run your credit knows the answers.
Re: (Score:2)
I got a background check done at me at one company, and I got the results. It lists addresses for me where I never lived. As in my friend's house was listed although I never lived there or got mail sent there. And a place I never heard of, probalby just someone else with the same name lived there once. I think they just did a quick google search to pad it out past the "no criminal convictions" part.
Re: (Score:3)
Re: (Score:2)
Same thing. I've had the bank ask me questions like this too. Good reason to close the account.
Re: (Score:2)
No, you misunderstand. What you're saying isn't how the security questions work in almost all cases. There are rare places that are using systems like you say - and they're often wrong data.
Re:Honestly? (Score:4, Funny)
I know a guy who used to (and maybe still does) always answer all security questions with "never give guns to ducks."
That was one of the least weird things about him.
Re: Honestly? (Score:3)
Re: (Score:2)
He works in the movie industry. There aren't enough electronic in the universe to post a list of the weirdness that is his life. Or himself. I seriously doubt the admonition is metaphorical.
Re: (Score:2)
If you get shot in the ass by your own duck, and you usually learn your lesson and go buy a gun safe.
Re: (Score:2)
Yup. I just generate another secure password (12 digits, random, high-entropy bit source), write it on a piece of paper and file it. Granted, if someone really wants to break into one of my accounts, they might break into my house, but that's not the usual threat model for online attacks.
Re: (Score:2)
Make an algorithm - It's easy.
Alternative Questionnaires (Score:5, Funny)
What was your first banking password?
What was your first government-issued identification number?
What was your first online handle that you used before you learned that the things you do and post on the internet can be traced back to you?
What was your first humiliating, deviant, or illegal thought?
What was your first felony that you got away with?
What was your first object you dry humped?
Re: (Score:2)
What was your first humiliating, deviant, or illegal thought?
What was your first felony that you got away with?
What was your first object you dry humped?
That can be easily guessed for basically an entire generation: Stealing a porno magazine, stealing a porno magazine, the closest soft thing you can find after stealing a porno magazine.
Poor kids today with their internet connections missing out.
Re: (Score:2)
What was your first humiliating, deviant, or illegal thought?
I once found an Anonymous Coward sexy.
What was your first felony that you got away with?
I stole an Anonymous Coward's intellectual property.
What was your first object you dry humped?
An Anonymous Coward.
Birth announcements are the worst... (Score:5, Interesting)
In one fell swoop, people give away birth hospital (city), weight, height, and name. Just add mother's maiden name (usually already there in FB) and hunt around for dog on their profile, and you've everything you need to file a social security number request before the kid is even 15 minutes old.
And yes, it has been done (though not using facebook-originated data).
Re: (Score:2, Insightful)
Wedding announcements are always good sources of maiden names.
Seriously ? (Score:2)
Brian is usually pretty good for insight but this reads like a 'no shit' kind of observation he made to his in laws over dinner.
Even on sites that require info for registration I simply lie, always have. For info other than shipping address it's not relevant to whatever transaction we're undertaking so I see no reason to provide them with any valid info, for security questions it's easy enough to jot down actual security questions so I can remember the answer in the future (usually in keepass notes).
I do g
Re: (Score:3)
Correction: It should be a "no shit" observation. It isn't. Not by a longshot.
The mere fact that there are still webpages out there, and I'm talking about relatively important and security critical pages, still use this "security questions" bullshit for password recovery should be a testament to how much it is unfortunately not a "no shit" observation.
There are very few questions "only I can answer". And those that only I can answer, only I can answer for a very good reason: I don't want to tell anyone the
xyzzy (Score:5, Insightful)
Even better idea, in addition to not giving away your data, why not also practice good operational security habits? Pick secure answers to those retarded questions. You are storing your password in an encrypted password safe, right? Add some more fields...
Site X thinks my first car was a "eterverinkipen43", but site Y thinks it was a "trocklencaterm39". Some people think my mother's maiden name was "metablersilippe8", but others think it is "glytenclegratio3".
There is absolutely no reason why any two sites or entities should have the same "secret", and none of those "secrets" should be things that your whole family and your entire school class knows. If you go to the "security" page of a site and it shows your answers to these questions, they are stored in plaintext and you absolutely positively must not use that same "secret" elsewhere.
And if a secret can be used as a password (or worse - can reset a password) it needs to be at least as strong as your password and protected as well as your password. Scratch that, it should be protected even better than your password because it will probably never be expired or changed.
Re: (Score:2)
> Site X thinks my first car was a "eterverinkipen43", but site Y thinks it was a "trocklencaterm39". Some people think my mother's maiden name was "metablersilippe8", but others think it is "glytenclegratio3".
Those are the combinations to my luggage!
Re: (Score:2)
I'm going to go try those passwords on your bank account right now!
Re: (Score:2)
Even better idea, in addition to not giving away your data, why not also practice good operational security habits? Pick secure answers to those retarded questions. You are storing your password in an encrypted password safe, right? Add some more fields...
Site X thinks my first car was a "eterverinkipen43", but site Y thinks it was a "trocklencaterm39". Some people think my mother's maiden name was "metablersilippe8", but others think it is "glytenclegratio3".
Which is great until you lose access to your password safe, and instead have to provide the answer to security questions to a service representative on the phone.
Yes, it's a security hole. But the answer shouldn't be "destroy any recovery systems."
allow you to specify what to ask (Score:2)
And the answer...
Whenever I see a quiz, I reply.. (Score:2)
Hmmm. I wonder what info they are harvesting..
just make stuff up... (Score:2, Informative)
first pet's name? scooby doo
birthdate? 1/1/1970
first phone number? 867-5309
first street address? 1313 mockingbird lane
favorite color? rainbow
favorite number? 42
oshit, now you can hack my account.
Re: (Score:2)
My online street address has always been 22 Acacia Avenue.
29 Acacia Road is better!
Here is an actual quiz from my bank (Score:2)
This is an actual set of questions I once got from my bank.
None of these Q/A pairs was information I provided to them.
Each question had 6 choices, with the last being "None of the above".
Only 2 of these questions were based on current information.
I redacted parts of 2 questions containing personal information.
1. In which of the following counties have you ever lived or owned property?
2. Which of the following street addresses in [city_I_once_lived_in] have you ever lived at or been associated with?
3. Which
Re: (Score:2)
Re: (Score:2)
Yes, that is data they have gleaned from your credit reports, and they are asking you to verify whether you are who you say you are. They already have the correct answers.
These are totally unrelated to security questions for which the user provides the answers, in order to secure account logins.
As others have noted, "they have the correct answers" is not always the case; that assumes there are no errors on your credit reports.
I tried to open an online banking account once, and had to answer these sorts of questions over the phone. I failed because I couldn't answer enough of the questions to their satisfaction. I later realized the problem: A few years earlier I'd been conflated with someone else by one CR agency, apparently because that person had my SSN on one of his utility accounts. With extre
Surprised! (Score:2)
I'm surprised these stupid little quizzes are still a thing. I thought it was amusing for a few minutes about 15 years ago, after that I decided I have better things to waste my time doing.
Only if you're doing it wrong (Score:4, Insightful)
Most secret questions can be looked up or guessed if you can read through people's social media accounts. The answers to the secret questions should be lies. Mother's maiden name? Rumpelstiltskin. Place of birth? Sunnydale Hellmouth. First pet? Epileptic sea cucumber.
Re: (Score:2)
double fail (Score:2)
Security (Score:2)
Something has always baffled me about security questions being used to hijack someone else's account on whatever site.
Maybe my experience is different, but every time I've used a password reset form that required me to put in a security question answer... something else happens first. I get an email from the site, after requesting a password reset, to continue that reset I need to click a link in the email. After I do that, then it asks me a security question before continuing with the reset.
Now, here's m
Re: (Score:3)
" You need control of the email account in question"
Ideally, that's the service the secret questions are for. Since they can't rely on you to have access to your email, if you are trying to reset the password for it. Nowadays a lot of email is tied to phone so SMS is an option, but a lot of it is not.
" So what am I missing"
They can call support; and claim they no longer can receive email to the address on file or SMS to the phone number on file, for reasons.
If you have an ISP mail, maybe you changed ISPs, i
not just online (Score:5, Interesting)
Re: (Score:2)
LOL! Do you think it's hard to get that information? If it also had his logins on important websites there could be a problem however him having that would be a bigger one...
Re: (Score:2)
Or the "what color are you" (Score:2)
What is your porn star name? (Score:2)
Combine the name of your first pet with the name of the street you grew up on, be amused by the result, post it all over the internet (and encourage others to do the same.)
I confess it took me a while to notice that these posts were gold for identity thieves. If this meme was invented by an identity thief, I am in awe of their brilliance.
Genealogical Questions (Score:2)
Which begs the question, "Why do bank and financial sites still use questions like 'Mother's Maiden Name' when Ancestry.com probably knows that, even if YOU never filled in an online genealogy?"
Suggestion: Answer all such questions with the same answer, one irrelevant to the question. "Mother's Maideb Name"? "Blue" First car"? Blue. first pet? "Blue".
Re: (Score:2)
Wait, that's the name of my first pet too!
Re: (Score:2)
A dog named Blue? Somebody wrote a song about that!
Re: (Score:2)
A dog named Blue? Somebody wrote a song about that!
Careful with that. I actually had a site refuse to accept my 4-letter answer for "pet's name" because it was too short (and therefore insecure, I guess?). Too bad for any unimaginative people naming their dog "Fido", or "Spot", or ... "Blue".
Or don't make those your security questions (Score:2)
Duh... (Score:2)
I'm pretty sure this is how Sarah Palin's yahoo email account got compromised.
What your SSN reveals about your personality? (Score:2)
Turnabout Is Fair Play (Score:2)
While the idea of obfuscation-as-security has been around a long time, given the pervasive lack of data privacy, relax a little and have some fun with it. Large-scale data mining for profit and massive security breaches pretty much leave everyone who uses the internet wide-open to exploitation, so we might as well make a game of it.
I have four "identities" I use for various purposes, all fictitious to one extent of another. I feed them so much bullshit and chaff that pretty much any "profile" on me comes of
The biggest security hole: security questions (Score:2)
Quite frankly. We keep telling people to use 20 character passwords with numbers and special characters and preferably even characters that can't be typed with a latin keyboard... and then we let them recover that password if lost with the answer for the name of their pet dog they had as a child.
Are you fuckin' serious?
This is from a security standpoint even worse than them using that pooch's name as the friggin' password. Because then a potential attacker would at least not know that the key to the account
Or... (Score:2)
When answering those types of "Secret Questions" at sites you actually use and want security, don;t give the "real" answer.
They ask "Model of first car?", you answer "R3dw!n@$"
etc
Mother's maiden name? 0129834765
etc
What sort of idiot... (Score:2)
Who gives actual true answers to those security questions anyway?
In which case who cares if some equally stupid online survey does get real answers. To things that are usually trivially findable anyway - it's not like I keep what my first car was secret. My parents are divorced, my mother's maiden name isn't exactly rocket science to find out and I don't think she's so ashamed of me as to keep her mother status secret...
Obfuscation (Score:2)
The idea of security questions is in case you forget your password. So, if you lie on the answer, you risk forgetting that too. So I make a mix of truth and falsehood. Favorite pet? True answer is, I don't have one. I "borrow" someones, that person isn't on the internet, and that person's pet died before most of you were born. Spouse questions? Not married, my GF isn't on Facebook, and since I only refer to her as "My GF", it won't be easy for anyone who doesn't know me IRL to get info on her.
Not because of this (Score:2)
but I've stopped playing those games (or quizzes, whatever) on FB and elsewhere not because of this, but because I 0) don't feel like being part of the thousands who think they are engaged in a relationship-building experience with strangers and 1) my family and friends aren't sending me an invite, they just clicked something, possibly bey accident.
And now I lie on my security questions.
Never make your security answers sensible (Score:2)
A: "Silica"
These should be stored securely physically and logically.
The executor should have a copy available for when you die.
Don't answer security questions truthfully. (Score:2)
I think the better advice is, don't answer security questions truthfully.
Questions like "Where did you go to high school?", "What was your mother's maiden name?", "What city were you born in?", etc. aren't hard to find out with an internet search, or just to guess. Hell, depending on your age, you may even still own your first car, in which case somebody who knows your address could simply plug it into Google Street View and see it parked in your driveway.
If a site wants you to set a security question, don
Re: (Score:2)
I haven't run across this yet. What sites are doing it?
Re: (Score:2)
Make stuff up for the questions, then write down your answers somewhere securely (preferably encrypted or on a removable thumb drive). Then look it up later when needed.
Even in the old days when only your bank would ask this and only in person when you were in front of a teller, it wasn't secure. Half the town probably knew your mother's maiden name. It wasn't even remotely a secret or difficult to find out.
And for some of the questions it's going to be vague, so you have to write it down or you'll get it
Re: (Score:2)
I fill in the security questions with random garbage.
Hard to remember if you need to come up with them again. And it's not solved by ensuring you never forget your ID or password because I have known sites that have lost mine but irritatingly insist that it is you who have forgotten them.
So I have at least four entirely false persona complete with birthdays, pets, city, fave colour etc (I add to them as needed) that I use in these situations. So even if I must give my real name eg for a bank account, I can still give various false "First car" or "Favourite c
Re: (Score:2)
I use random-ish information (humans aren't random number generators but good at producing noisy output) and then write it down if it have to be remembered.
But sites that require (in)security questions are just filled with crap that is then quickly forgotten. Because if I forget the password the site obviously isn't important, really important logins are written down on paper as a backup.
Re: Absolutely... (Score:2)
Re: (Score:2)
Your mother's maiden name was Cowboy Neal? Interesting family...
Re: (Score:2)
Name a city in in Canada.
Cancun!!!
Bing! Number two on the Family Feud board--2nd most popular answer from their audience.
If I say my favorite colour is "clear" and respond with that when questioned, I get in.
Re: (Score:2)
That's not going to be much help in stealing my identity; my parents were married just over 80 years ago.
Re: (Score:2)
It's not easy, but training is available:
https://www.youtube.com/watch?v=U90dnUbZMmM
Don't thank me. I live to serve.
Re: (Score:2)
I started informing companies that the phone call can be recorded for security and training purposes. You get a whole range of very funny reactions to something like this.
Re: (Score:2)
fFz0fPEDX63wFZK2ZKaO
07avA68VFskVredZl5VV
RASCcLqjYcseOU00HicJ
0002. Damn Roosevelt.
Re: (Score:2)
Use the same method for choosing a "security" answer that you use for choosing a password. I.e. let a random generator do it and note it in a password safe.
Re: (Score:2)
Someone in a chat area of a site with start a survey. One popular one is: "What would be your porn star name?" Take the maiden name of your mother, and put it after the name of the city you were born. As in Topeka Smith.
Surprised that a lot of people will add an answer.
Lewinsky Washington