• Ashyr@sh.itjust.works
      link
      fedilink
      arrow-up
      29
      ·
      5 months ago

      Can and absolutely do. Pet is my standard security question and it’s just a standardized password I use only on that field.

      • tyler@programming.dev
        link
        fedilink
        arrow-up
        15
        ·
        5 months ago

        You should most likely generate a unique one for each website, but I doubt any attacker is going to go to the trouble of capturing that once and trying it again as a security answer elsewhere.

        • FuglyDuck@lemmy.world
          link
          fedilink
          English
          arrow-up
          10
          ·
          5 months ago

          I use a password manager…. Generate a random string at 36 characters and then back off to whatever they’ll accept.

          The number of idiots forcing less than 24 characters for things like that’s… way too damn high. (Probably preaching to the choir here but there was an issue with windows screwing with the encryption or something “requiring” 24 instead of 12.)

          • Frog
            link
            fedilink
            arrow-up
            1
            ·
            5 months ago

            Sometimes banks ask me my answer to security questions. This ever happen to you?

            • FuglyDuck@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              5 months ago

              You… go into a bank?

              For what?!

              I could always show them my id or something. You know, the same one I showed to get the account.

              • Frog
                link
                fedilink
                arrow-up
                1
                ·
                5 months ago

                I’ve been asked my answer for security questions on the phone.

        • dubyakay
          link
          fedilink
          arrow-up
          9
          ·
          5 months ago

          The bad part is of course when it’s not just the password leaking but the security questions and answers as well.