I used to think that those recovery questions are stupid, but no. The user is the stupid one, entering the expected information. A few years ago I just decided to enter another generated password in each of the recovery questions, and store them alongside the main one in my password manager. Yes, the school I attended in the fourth grade was nVKuq&zo5BiCOc*0JY5JZHsgRPqcJEumBKV5tt%uSk#acN60s!uLh5MIGwobA3YyHIq3dQxm8r0Yhloloc&3a3BLm!nNbAZ%Vzut - it’s worked for every site I’ve tried it on, too.
Uno reverse the hackers, 4 passwords instead of 1. 😎
Nice. My bank lets me pick my own questions, too. The answers are a transformation of the question which, itself, is just some ASCII. My wife uses the same login for the bank, and she hates it.
Now, you got me thinking. I could make the questions cryptographic hashes that I decrypt to an answer. My wife is going to kill me.
I used to think that those recovery questions are stupid, but no. The user is the stupid one, entering the expected information. A few years ago I just decided to enter another generated password in each of the recovery questions, and store them alongside the main one in my password manager. Yes, the school I attended in the fourth grade was nVKuq&zo5BiCOc*0JY5JZHsgRPqcJEumBKV5tt%uSk#acN60s!uLh5MIGwobA3YyHIq3dQxm8r0Yhloloc&3a3BLm!nNbAZ%Vzut - it’s worked for every site I’ve tried it on, too.
Uno reverse the hackers, 4 passwords instead of 1. 😎
Nice. My bank lets me pick my own questions, too. The answers are a transformation of the question which, itself, is just some ASCII. My wife uses the same login for the bank, and she hates it.
Now, you got me thinking. I could make the questions cryptographic hashes that I decrypt to an answer. My wife is going to kill me.