IT Security Tip: Learn to lie on password reset questions

Many ID systems, including the campus ONYEN, have a self-service password reset feature.

That’s where you register your answers to random questions that only you should know, like “What was your Mother’s maiden name?” or “What is your favorite holiday?”  If you forget your password, you can still get into the system by answering several of the questions that you registered for.

Unfortunately, many of the answers to common questions can be guessed either by looking them up in public records or having a limited set of options to choose from.  For example, through trial and error, it wouldn’t take you long to hit the correct holiday to answer the question above.  One way to reduce your risk to being compromised is to lie when answering the questions.  You might say that your favorite holiday is “Chevy” or “ABC123”.  That’s a lot harder to guess than “Thanksgiving”.   Just make sure it’s something that YOU can remember when you need to use it.