I was reading a blog post this week, when the blogger mentioned that it was her birthday. I recalled in an earlier post, how she mentioned tracing her family’s roots and that her mother had an unusual maiden name, which made the search easier.
In other words, as a casual reader of her blog, I was now in possession of two of the most commonly requested security questions for accessing online accounts and resetting passwords.
I emailed her to let her know. She emailed me back within the hour thanking me and said she had just changed her security questions on several important accounts, which any one of her readers could have accessed with ease.
There’s been a debate among bloggers for years, regarding how much personal data we should publish on our blogs. I think it’s a personal decision, but one that needs to be made in the knowledge that we never really know who’s reading our material or what their intentions are.
Image Credit: Cavell L. Blood
Hi,
I agree with the sentiment of your post but I do think that the security credentials of “mothers maiden name” and “date of birth” are probably not very secure in the first place.
Furthermore, social networking (and it’s logical development in the next few years) will mean that more of our details will ’spill out’ into the public domain.
Yes we have to watch what we say but, at the same time, third parties will need to bring in better security/credential mechanisms.
(imho!)
Joel
Hi Joel,
Thanks for the comment. The challenge, is that right here, right now, people ARE using the default security questions for online accounts – unaware how easy it is to access their data / money. Equally, some systems force you to pick your mother’s maiden name as a security question. Yes, hopefully in time there will be a better security mechanism.
Hi Joel,
Agree that third-parties need to be more pro-active at securing our information, but at the end of the day, true liability falls with us. You wouldn’t give a complete stranger on the street this information – why should it be any different online?
I generally don’t use real information of that nature online. So my birthday, while it will always be on the same day so as not to confuse me, will not be on my real birthday except where absolutely necessary. Ditto for my mother’s maiden name.
Debbie
Good tip Debbie! Thanks for sharing.
I think that was mighty nice of you to warn her. I’ve often wrestled with how much information to give and with the advent of Twitter and Facebook, should I really broadcast the fact that I’m going to be on vacation and out of the city for the next two weeks? This topic is only going to become more relevant as we move forward with these social tools.
I think it’s wise to keep your actual home address out of the public domain if at all possible Joni.
There’s certainly been cases, where people have had their homes robbed after posting to Twitter / FB about how their home will be left vacant.
You are totally right Jim, I am asked many times ‘mothers maiden name’ sometimes you have the option to change it to another standard question like ‘Your first pet’ but it all boils down to the same thing, watch what you say. I blogged about this too, with a different reason but same answer- too much information!
Hi Michelle – Thanks for stopping by the blog. The questions asked by default by some providers are way too simple. As was commented here earlier, this is going to become a bigger issue in the coming years, as we put more and more of our lives online.
Hi Jim,
That is why I never use conventional questions for my accounts. It’s a good thing that you mentioned this because there are so many people out there that just don;t know how to protect their accounts.
Thanks
Never really thought of it that way. That is really good insight, thanks.
Thanks, Jim. It’s so easy to miss those things. This is a sobering reminder to me to be doubly careful with all information on and offline.
Cheers, Robin