- cross-posted to:
- nonpolitical_memes@lemmy.ml
- cross-posted to:
- nonpolitical_memes@lemmy.ml
To Bones. You are a good boy. You also added a space after the “S”. It’s still you.
Oh whew. I needed to see this because this comic had me surprisingly agitated.
Curious, agitated that it wasn’t Bones or the space?
Agitated that the cartoon dog had a reason to doubt that he was the goodest boy.
I immediately saw that do to how many times I have copy/pasted into text fields and they error out. What do you mean my routing number is invalid!
Someone tell Bones that you can lie on security questions
Bones would never lie - he’s a good boy, yes he is:-).
Can and absolutely do. Pet is my standard security question and it’s just a standardized password I use only on that field.
You should most likely generate a unique one for each website, but I doubt any attacker is going to go to the trouble of capturing that once and trying it again as a security answer elsewhere.
I use a password manager…. Generate a random string at 36 characters and then back off to whatever they’ll accept.
The number of idiots forcing less than 24 characters for things like that’s… way too damn high. (Probably preaching to the choir here but there was an issue with windows screwing with the encryption or something “requiring” 24 instead of 12.)
Sometimes banks ask me my answer to security questions. This ever happen to you?
Yep and I just give them the long random string. They don’t care.
The bad part is of course when it’s not just the password leaking but the security questions and answers as well.
So…. Am I the only person that generates a random password as an “answer”?
There are at least two of us
On phone: okay Sir, we need at least the name of your favourite dog for verification!
Bones. I’m sorry but you weren’t my first dog. My first dog will forever be the answer when it comes to security questions. It’s convenient. But you’re really my favorite. I love you bones.
Don’t use real answers. “Security” questions have the same ‘authority’ as passwords (they can be used to change your password), but are often not treated with the same level of care as actual passwords.
Meaning, SQ are often easier for a hacker to figure out and exploit. In that event, SQs are actually worse than passwords, because they’re “unchangeable” (well, the real answer is). So if an SQ answer gets compromised, you’re SOL
The best option is to use a password manager, and randomly generate passwords and SQ answers (i use 1Password, but there are other good options)
Edit: oh and, if you use real answers, then those are more likely to be publicly searchable on Facebook or socially engineered (like a “which dog are you” quiz)
Plot twist: Bones’ official full name is actually “James Bones”, but he doesn’t know.
How is even having these security questions even considered safe? What is more likely, person to know your password or a name of your favorite dog that you might get from that person’s Facebook account?
That’s why you make the answers fake ones. Like instead of your actual favorite pet, you answer lassy or airbud or something stupid like that
Even to the point of being nonsensical. I’ve had tech support chuckle at me but the intent was clear as day. Anyone can find my mother’s maiden name. Good luck figuring out the answer I gave the bank.
Psst… Try “McCoy”, or “Dr. McCoy”. :)
Dammit Jim, I’m a Doctor not a golden retriever!
All y’all acting like Bones is a good boy who deserves to be the favorite when he is clearly being a BAD BOY.
Maybe trying to hack his best friend’s account is why he isn’t the favorite!
Gonna get a bit pedantic and point out that the question actually asks the name of FIRST pet, not FAVORITE.