|
I just give nonsense answers, then ignore them. If I forget a password, I'll click the "Reset Password" (however it's phrased) link, which is always there alongside the stupid questions.
To me, they're a security risk, not enhancement.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
kdmote wrote: Is there any way we can join together and make our voice be heard? After all the plain-text passwords, SQL injection and other crap, I'd recommend to stop hiring people with a degree in CS.
Perhaps then the schools will start actually teaching that stuff.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Eddy Vluggen wrote: After all the plain-text passwords, SQL injection and other crap, I'd recommend to stop hiring people with a recent degree in CS.
FTFY
Many of us "old-timers" do know what we're doing!
"Fairy tales do not tell children the dragons exist. Children already know that dragons exist. Fairy tales tell children the dragons can be killed."
- G.K. Chesterton
|
|
|
|
|
Matt T Heffron wrote: Many of us "old-timers" do know what we're doing! Were those topics explained in detail during your education, or did you learn it in the field?
My guess would be the latter.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
There wasn't any education in this, back when I studied. Hackers didn't exist.
Unsurprisingly, trolls did, though -- it's probably true that they've been around since the dawn of time.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Mark_Wallace wrote: Unsurprisingly, trolls did, though To quote Socrates, non curo - especially since your argumentation is based on calling me an idiot
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Eddy Vluggen wrote: your argumentation is based on calling me an idiot I don't see how you arrived at that conclusion, but no problem: I'll happily call you an idiot if you'd like.
It wouldn't matter anyway, because I only exist as bits and bytes on the Interwebs -- non sum in rerum natura, and all that
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
My education pre-dates the Internet by about a decade!
But, even with my having learned it in the field, the "recent degree" probably is still a relevant differentiation.
"Fairy tales do not tell children the dragons exist. Children already know that dragons exist. Fairy tales tell children the dragons can be killed."
- G.K. Chesterton
|
|
|
|
|
Another solution is to use KeePass[^], and store your answers in there. At least that way they are encrypted, relying only on one password to remember. It doesn't address your fundamental complaint, but is a method of dealing with the madness.
|
|
|
|
|
Yeah, your first pet's name and your mother's maiden name are well worth keeping in secure storage, just in case you ever forget them.
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Why would you put answers that can be found in the public domain? Isn't your mom's maiden name supposed to be filled out with answers like, "PassTheBreadKnifePlease"? Oops - for you, that might be close to the public domain!
|
|
|
|
|
Yup, security 101: Never answer a security question with a real answer.
All that is required is an answer you can regurgitate when asked. The system doesn't care what the answer is, only that what you present matches what they have.
WARNING: If you answer the question: What is your first pet's name? with your spouse's name, DO NOT let her know this. Stuff like that comes back to life more often than Dracula.
|
|
|
|
|
+1 for KeePass - I love it
|
|
|
|
|
And backup your keepass file to dropbox/box/google drive so that you can
- access it from anywhere
- have a copy when your computer crashes beyond all repair
|
|
|
|
|
I answer the same for every question. Treat it as a password and it's no big deal.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
Yeah, but the whole point of the questions is to use them when you FORGET your password. So then they're annoying AND useless.
|
|
|
|
|
kdmote wrote: So then they're annoying AND useless. Yes, when they are used as they were first designed, they are annoying.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
RyanDev wrote: Treat it as a password and it's no big deal. ..it's not like it is a security-risc, or that people would call you and ask for such private details. That is, for the questions not already answered by their FB/LinkedIn profiles
These questions would also only be relevant for your email-account - all other applications can safely assume that your email is private and send a simple reset-link.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Yes, but several site I deal with are now "smart" enough to detect the same answer to all questions, and complain bitterly until you change them
|
|
|
|
|
In those cases, my answers become "password1", "password2", "password3". No problem.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
So is it OK if I reset all your passwords, this week-end?
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Go for it.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
I use a mental code to create the answers based upon the site, itself. Nothing to really remember - the site tells me its own answer.
Now my reason for not liking them is that they ask questions about me that are too 'intimate' (alas, in the non-sexual sense) that, aggregated, give out more about me than anyone but me should know.
They're thrown at me by financial institutions, in particular, when it wants to validate the machine I'm on for a few sessions (before it does it again).
Ravings en masse^ |
---|
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
kdmote wrote: Of course there will always be brain-dead users who make up a ridiculous question like "What's 2 + 2?". That's actually quite a good question as it allows obfuscation. The answer to that question is Desmond, as in Desmond Tutu.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
|
|
|
|
|