Password Recovery Questions

bgwbgw

I feel quite good that I am using unique and strong passwords across all of the various on line accounts I have. But I believe I may be vulnerable to the password recovery questions. For example, the recent Yahoo! hack apparently divulged my questions and answers. What do you recommend for password recovery questions? Should they alll be just as unique as the passwords themselves to prevent vulnerability if one of my companies gets hacked? Thank you!

AGAlumB

@bgwbgw: This is a tough one, since of course the context isn't always the same. For example, what if you have to answer a security question over the phone? DqWK)$8L.8x,GyuH2oZLK>A8ZGarz6? No thank you! So while the ideal thing would be to use truly insane, random, character-based passwords for the answers to security questions and store them in 1Password (custom fields or the Notes section are great for this), it's important to give it a little thought. Use a word-based random password if you may need to speak or type it manually at some point — or if the site will only allow you to use letters. Great question, and I hope my answer is of some help! :)