06-18-2017, 10:30 PM
(06-18-2017, 03:04 PM)highlander Wrote: I didn't know people actually answered these honestly. I just generate a random password as an answer and store it in an encrypted note in my password manager. The actual questions don't matter.
So, think of the average user, the average user doesn't even know what a password manager is, let alone how to use one. But also, this entirely defeats the purpose of the security questions, the purpose being that in the event you lose your password (for example, if your password manager database is lost), you are able to securely identify yourself another way by knowing this information about yourself independently from your password.
Not that it's a great system anyway, these questions are both guessable and also hard to remember. Security questions should be a relic of the past.