1.4 The answers to security questions

Many sites now add security questions that you must answer when you first set up your account. There are several problems with these:

  1. The questions are often common, so if the answers become known from one site, the answers can be used at another.
  2. Some answers can be researched.
  3. Sometimes you select an answer that turns out to be difficult to remember, or one that changes for you at some point.
  4. If an answer requires two words, you are often out of luck. “Pick one.”

It’s a mess. gnu-pw-mgr supports a ‘--confirm’ option for answers to confirmation/security questions. Give that option a word or two from the question, and it will print out a 12-character sequence of alphabetic characters that is unique to the web site and unique to the option argument. For example, in the gnu-pw-mgr program’s ‘base.test’ test, the confirmation option arguments dog and pet produce the strings xkzrraogchyh and brrxsbesatfj, respectively. These may be answers to the questions ‘what was your dog's name’ or ‘what was your favorite pet’, for example. These answers are valid only for the ‘who’ password id and the test’s seed string. With a different password id or seed, you would get a different answer.

NOTE: I have finally figured out that it is inconvenient to have the security question answers change when passwords change. Therefore, this option will, henceforth, print *two* answers. The first will change whenever the password changes. The second will only vary on the input password id and confirmation text.
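The following sketch illustrates the properties described above: answers unique per password id and per ‘--confirm’ argument, plus the two-answer behaviour from the NOTE. It is an added example, not gnu-pw-mgr's own code or algorithm: HMAC-SHA256 stands in for whatever derivation the program uses, so it will not reproduce the ‘base.test’ strings. The names `confirm_answers`, `letters_from_hmac` and `pw_revision` (a stand-in for whatever changes when a password changes) are assumptions.

```python
import hashlib
import hmac
import string

ALPHABET = string.ascii_lowercase
ANSWER_LEN = 12  # the manual describes 12 alphabetic characters


def letters_from_hmac(key: bytes, message: bytes, length: int = ANSWER_LEN) -> str:
    """Expand HMAC-SHA256(key, message) into `length` lowercase letters."""
    out, counter = [], 0
    while len(out) < length:
        block = hmac.new(key, message + counter.to_bytes(4, "big"),
                         hashlib.sha256).digest()
        for b in block:
            # Rejection sampling: 234 = 9 * 26, so accepting bytes >= 234
            # would make some letters slightly more likely than others.
            if b < 234 and len(out) < length:
                out.append(ALPHABET[b % 26])
        counter += 1
    return "".join(out)


def confirm_answers(seed: bytes, pw_id: str, confirm_text: str, pw_revision: int):
    """Return (answer that tracks the password, answer that stays stable).

    The first answer mixes in pw_revision (hypothetical), so it changes when
    the password changes. The second depends only on the seed, the password
    id and the confirmation text.
    """
    fields = [pw_id.encode(), confirm_text.encode()]
    changing = letters_from_hmac(
        seed, b"\x00".join([b"changing"] + fields + [str(pw_revision).encode()]))
    stable = letters_from_hmac(seed, b"\x00".join([b"stable"] + fields))
    return changing, stable


if __name__ == "__main__":
    seed = b"constructed example seed, not a real one"
    for text in ("dog", "pet"):
        print(text, confirm_answers(seed, "who", text, pw_revision=1))
```

Because the second answer never mixes in the revision, a site's stored security answer stays valid after a password rotation, while a leaked answer from one password id still reveals nothing about another.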

