If you are actually from Earth, you'll know the answer to this.

[prog]

Lore Sjöberg on online bank account security questions. I like the third guy's strategy.

When I was originally faced with these sorts of things, I figured they were ridiculous and useless, so I would answer "jdwhfwhfwopd" to What was the name of your high school? and so on. This worked until the first time I forgot my password and found I couldn't get a new one and had to own up to my "cleverness" to a bank employee on the phone.

Now I answer them for reals, keeping to an internal manual of style in hopes that I'll spell things correctly. (Did I say "St. John Neumann" or "Saint John Neumann" or "st john neumann high school" or...?)

Comments

[cortezopossum.livejournal.com]

I've had to deal with this a few times. One of which is "What is your middle school's or high school's mascot?" Well.. which is it.. the middle school mascot or the high school mascot??

[keimel.livejournal.com]

I do not answer them truthfully. I lie. I write down the answers in a secret place. With a pen. Not on a computer.

And that's what I do now.

Having been a victim of bank robbers, twice, I have weighed the consequences with the inconveniences and have decided to inconvenience myself more to be more secure.

My decision to write this stuff down is, in part, due to my reading of Schneier.

Of course, I've used the 'screw you' method in the past as well. It is fun.

[karlvonl.livejournal.com]

Heh, I've been using the third guy's strategy for a while now, but with different answers per question.

[dougo.livejournal.com]

My password hint is usually "duh".

[prog.livejournal.com]

My password hints are always something like "Its your mid-security password" or something.

This isn't hints, though; these are extra questions that banks hit you with even after you've given them correct login/pass info.

[katre50.livejournal.com]

It gets worse than that, actually. Last summer my credit card was declined while paying for some auto repairs, so I called up to complain. They then started asking me a barrage of questions using data someone had gleaned from the credit reports of people whose names are like mine. I did okay with answering questions about former addresses (from which I had never dealt with this bank), and questions about my college loans (also not with this bank). But when they asked me about a car I never owned, and then told me I was wrong, I got a bit angry with the system.

[cortezopossum.livejournal.com]

Wait.. does this mean that creditors and/or banks are 'sharing' these security questions and answers? If that's the case the questions have suddenly gotten a lot less secure.

[katre50.livejournal.com]

Apparently my bank (Chase) hired some company who provides security questions and answers based on "publically available data". Mostly credit reports and DMV records. Nothing I actually told anything, and of course one of the items turned out to be for someone else.

After this happened I sent Chase a letter asking what company they got this data from and what I could do to correct it. Their answer was that they weren't going to tell me what company compiled the data, and that there was nothing I could do to correct it. Yay transparency?

[radtea.livejournal.com]

Err... please say you mean your "former bank"? If you don't vote with your feets they'll never change.

I've changed banks once and refuse to bank with one other institution, and I'm a Canadian: we only have five banks. You guys at least have a choice of bank-like things (although in fairness "bank" means something different in American English than it does to the rest of us.) But you got lots of 'em. Use that choice!