Don’t use real answers. “Security” questions have the same ‘authority’ as passwords (they can be used to change your password), but are often not treated with the same level of care as actual passwords.
Meaning, SQ are often easier for a hacker to figure out and exploit. In that event, SQs are actually worse than passwords, because they’re “unchangeable” (well, the real answer is). So if an SQ answer gets compromised, you’re SOL
The best option is to use a password manager, and randomly generate passwords and SQ answers (i use 1Password, but there are other good options)
Edit: oh and, if you use real answers, then those are more likely to be publicly searchable on Facebook or socially engineered (like a “which dog are you” quiz)
Don’t use real answers. “Security” questions have the same ‘authority’ as passwords (they can be used to change your password), but are often not treated with the same level of care as actual passwords.
Meaning, SQ are often easier for a hacker to figure out and exploit. In that event, SQs are actually worse than passwords, because they’re “unchangeable” (well, the real answer is). So if an SQ answer gets compromised, you’re SOL
The best option is to use a password manager, and randomly generate passwords and SQ answers (i use 1Password, but there are other good options)
Edit: oh and, if you use real answers, then those are more likely to be publicly searchable on Facebook or socially engineered (like a “which dog are you” quiz)