825
Security Question (i.imgur.com)
top 40 comments
sorted by: hot top controversial new old
[-] Frog@lemmy.ca 135 points 2 months ago

To Bones. You are a good boy. You also added a space after the "S". It's still you.

[-] modifier@lemmy.ca 40 points 2 months ago

Oh whew. I needed to see this because this comic had me surprisingly agitated.

[-] Frog@lemmy.ca 1 points 2 months ago

Curious, agitated that it wasn't Bones or the space?

[-] modifier@lemmy.ca 7 points 2 months ago

Agitated that the cartoon dog had a reason to doubt that he was the goodest boy.

[-] LifeInMultipleChoice@lemmy.world 13 points 2 months ago

I immediately saw that do to how many times I have copy/pasted into text fields and they error out. What do you mean my routing number is invalid!

[-] CorruptedArk@lemm.ee 63 points 2 months ago

Someone tell Bones that you can lie on security questions

[-] OpenStars@discuss.online 35 points 2 months ago

Bones would never lie - he's a good boy, yes he is:-).

[-] Ashyr@sh.itjust.works 29 points 2 months ago

Can and absolutely do. Pet is my standard security question and it's just a standardized password I use only on that field.

[-] tyler@programming.dev 15 points 2 months ago

You should most likely generate a unique one for each website, but I doubt any attacker is going to go to the trouble of capturing that once and trying it again as a security answer elsewhere.

[-] FuglyDuck@lemmy.world 10 points 2 months ago

I use a password manager…. Generate a random string at 36 characters and then back off to whatever they’ll accept.

The number of idiots forcing less than 24 characters for things like that's… way too damn high. (Probably preaching to the choir here but there was an issue with windows screwing with the encryption or something “requiring” 24 instead of 12.)

[-] Frog@lemmy.ca 1 points 2 months ago

Sometimes banks ask me my answer to security questions. This ever happen to you?

[-] tyler@programming.dev 2 points 2 months ago

Yep and I just give them the long random string. They don’t care.

[-] FuglyDuck@lemmy.world 1 points 2 months ago

You… go into a bank?

For what?!

I could always show them my id or something. You know, the same one I showed to get the account.

[-] Frog@lemmy.ca 1 points 2 months ago

I've been asked my answer for security questions on the phone.

[-] dubyakay@lemmy.ca 9 points 2 months ago

The bad part is of course when it's not just the password leaking but the security questions and answers as well.

[-] FuglyDuck@lemmy.world 40 points 2 months ago

So…. Am I the only person that generates a random password as an “answer”?

[-] t0fr@lemmy.ca 7 points 2 months ago

There are at least two of us

[-] Samsy@lemmy.ml 2 points 2 months ago

On phone: okay Sir, we need at least the name of your favourite dog for verification!

[-] helpImTrappedOnline@lemmy.world 1 points 2 months ago

give one second... It umm, AstronomicalTransmissionXylophoneInstitution

[-] Licensed_to_ill@lemmy.world 27 points 2 months ago

Bones. I'm sorry but you weren't my first dog. My first dog will forever be the answer when it comes to security questions. It's convenient. But you're really my favorite. I love you bones.

[-] Lightfire228@pawb.social 15 points 2 months ago* (last edited 2 months ago)

Don't use real answers. "Security" questions have the same 'authority' as passwords (they can be used to change your password), but are often not treated with the same level of care as actual passwords.

Meaning, SQ are often easier for a hacker to figure out and exploit. In that event, SQs are actually worse than passwords, because they're "unchangeable" (well, the real answer is). So if an SQ answer gets compromised, you're SOL

The best option is to use a password manager, and randomly generate passwords and SQ answers (i use 1Password, but there are other good options)


Edit: oh and, if you use real answers, then those are more likely to be publicly searchable on Facebook or socially engineered (like a "which dog are you" quiz)

[-] i_love_FFT@lemmy.ml 6 points 2 months ago

Plot twist: Bones' official full name is actually "James Bones", but he doesn't know.

[-] Matriks404@lemmy.world 20 points 2 months ago

How is even having these security questions even considered safe? What is more likely, person to know your password or a name of your favorite dog that you might get from that person's Facebook account?

[-] Licensed_to_ill@lemmy.world 20 points 2 months ago

That's why you make the answers fake ones. Like instead of your actual favorite pet, you answer lassy or airbud or something stupid like that

[-] Maggoty@lemmy.world 12 points 2 months ago

Even to the point of being nonsensical. I've had tech support chuckle at me but the intent was clear as day. Anyone can find my mother's maiden name. Good luck figuring out the answer I gave the bank.

[-] Lightfire228@pawb.social 7 points 2 months ago

I had to say my SQ answers to the bank as identity confirmation (which, them being capable of reading it (stored as plain text) is a huge security no no)

and my answers were 20 random characters. That was fun

[-] frezik@midwest.social 7 points 2 months ago

it's not. These are very bad practice that had obvious problems from the start.

Sarah Palin's Yahoo account was broken into during the 2008 election by guessing her security questions. If it wasn't clear before then, it should have been clear after. No excuse for companies continuing to do this.

[-] Emmie@lemmings.world 13 points 2 months ago* (last edited 2 months ago)

I have some old accounts locked behind a name of first crush

It’s kind of poetic

[-] TehBamski@lemmy.world 3 points 2 months ago

Did you make those accounts back in middle school?

[-] Emmie@lemmings.world 3 points 2 months ago

Oddly specific question, why? Am I culturally daft? Is this a reference to some classic?

[-] TehBamski@lemmy.world 4 points 2 months ago

Ha, no worries. I was just teasing that those that made their passwords their rush or those that they were dating were often in middle school. Kinda like kid logic.

[-] Emmie@lemmings.world 2 points 2 months ago* (last edited 2 months ago)

I was dating as far as back as kindergarten so this is all very blurry history
Middle school felt like middle age crisis I am not kidding, fuck that time period. When I look at my photos from then I see someone fatally depressed, pale skin and empty gaze held by the smiling, blissfully ignorant parents.

God damn this is what happens when someone mentions middle school near me. Someone should blow that building up.

[-] TehBamski@lemmy.world 2 points 2 months ago

Someone should blow that building up.

ATF has entered the chat

[-] Emmie@lemmings.world 1 points 2 months ago

(in a video game)

[-] DragonTypeWyvern@midwest.social 12 points 2 months ago

All y'all acting like Bones is a good boy who deserves to be the favorite when he is clearly being a BAD BOY.

Maybe trying to hack his best friend's account is why he isn't the favorite!

[-] DarkCloud@lemmy.world 8 points 2 months ago* (last edited 2 months ago)

Psst... Try "McCoy", or "Dr. McCoy". :)

[-] blackluster117@possumpat.io 3 points 2 months ago

Dammit Jim, I'm a Doctor not a golden retriever!

[-] mrvictory1@lemmy.world 5 points 2 months ago

The correct answer was not BONES but possibly Bones or bones. Try again Bones!

[-] WhiskyTangoFoxtrot@lemmy.world 3 points 2 months ago

The dog's real name is "Sir Reginald Bonington, esq." but their owner always just called them "Bones."

[-] niktemadur@lemmy.world 0 points 2 months ago

Gonna get a bit pedantic and point out that the question actually asks the name of FIRST pet, not FAVORITE.

this post was submitted on 08 Aug 2024
825 points (98.8% liked)

Comic Strips

12355 readers
2749 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 1 year ago
MODERATORS