|
In the U. S. of A, many financial institution have been using this for some years. Often having as many as five such questions so you could be asked for any one or more of them.
As a rule, I don't give real answers - but rather something deducible from an algorithm (in my head only - hacking that would be a bloody mess - as you French well know).
Why the algorithm? Well - it turns out that all of these places are now accumulating even more personal information about you that only you should know. Even more candy for that inevitable day they get hacked.
My (US) government run sites validate by sending me a key via email - so someone needs to know where I get their email. On one site, passwords are entered via mouse on a little online keyboard - so it cannot be key-logged (they change the references every time).
Ravings en masse^ |
---|
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
You don't have to give a "true" answer to the security questions. You just have to give an answer you remember. When does your drivers license expire? On your birthday in 2028. What's your electric company's account number? 12345. And the best way to keep it all straight - a password manager program like KeePass.
|
|
|
|
|
I just go to: HackedUSGOVTPasswords.com and look my password up by my government UserID.
|
|
|
|
|
Does it really matter what answer you give? I mean, if you chose the utility company client id , couldn’t you just give them a bogus number, and log that in your password manager’s notes?
It’s not likely that they’ll contact the utility to make sure you’re not lying.
Mark
Just another cog in the wheel
|
|
|
|
|
Most of these are just "memory triggers" ... You can say your mother's maiden name is "Snuff" ... They don't actually reject your "secret word" (unless it's too short; etc) or "come after you".
The funny thing is people honestly trying to answer these "nonsense" questions (I did) ... since "id theft" would be all that's need to crack your "secret words".
(I used my "pet's name" when I didn't even have a pet).
"(I) am amazed to see myself here rather than there ... now rather than then".
― Blaise Pascal
|
|
|
|
|
Sander Rossel wrote: I get to pick from four pre-defined questions, but they are so difficult that even I can't answer them! Then use the standard answer -- "Burma!"
Seriously, there's no reason to answer those "security" questions with anything even resembling a real answer. They're only going to be used as less-secure passwords anyway, and posing them as a "security" question that you give a truthful answer to only makes them more easily guessable by hackers. Just write it down like any other password and keep it next to the main password. Besides, who's to say you didn't name your first cat C&4x# anyway.
|
|
|
|
|
You know you don't have to give the real answers, don't you? The questions are just placeholders really; so unless they force numeric-only then just type in your reaction which is likely to be similar in 6 or 12 months. Q. "What is your electricity account number?" A. "What a bloody stupid question". Even your electric company won't hack your account.
Since most of the questions that are asked in these scenarios are actually publicly-available data (e.g. what's your mother's maiden name, what was your first school) it's really more secure to just make up some random sentence as a form of long password.
|
|
|
|
|
I was sent this, and it explains so much: Battery falling down a hole[^]
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
modified 25-Feb-18 7:09am.
|
|
|
|
|
I feel like that battery too, your prediction was right, my tip was downvoted
I wish those cowardly downvoters were man enough to leave a comment, and explain why they downvoted the tip !
|
|
|
|
|
It wasn't me - but the only way to prove that would be to downvote it, I suspect ...
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Yeah, yeah, yeah, I know that typical Welsh 'pulling a leg' humor
|
|
|
|
|
Thinking about it you can tell the "seniority" of the downvoter by the rep points he removed: the rep point summary should tell you that, and it varies by voter rep. Not sure how big it is for article one-votes, but for QA answers "big hitters" give me -16.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
RickZeeland wrote: I wish those cowardly downvoters were man enough to leave a comment, I wish cowardly posters who get a downvote would be man enough to realize the points me nothing.
Everyone is born right handed. Only the strongest overcome it.
Fight for left-handed rights and hand equality.
|
|
|
|
|
I find it strange that my last tip ".NET Core versioning demystified" has not gotten a single bookmark. Could it be that this is because of the site maintenance yesterday ?
So if anyone would be so good to bookmark my tip, and test if everything is ok, I would be forever grateful
|
|
|
|
|
People will bookmark your tips/articles when it suits them.
|
|
|
|
|
Or when they are stimulated a bit
|
|
|
|
|
Well, I'm getting the impression that I seem to be the only one that thinks that versioning is an important part of the continuous integration cycle.
What do you guys do when you release a product, set all version numbers by hand ?
|
|
|
|
|
Tat'sindeedwhat I doa few times every week. The project I work on is 25 years old and was ported to .Net at the first opportunity. New fashioned things like unit testing or continuous integration can be problematic.
I have lived with several Zen masters - all of them were cats.
|
|
|
|
|
I agree, continuous integration is not for the faint-hearted. When I first tried TeamCity many years ago I could not even get it working with SQL Server. Now after months of fiddling I got everything running smoothly using a PostgreSQL database, but as soon as I change a setting which is not the default: guaranteed trouble !
In hindsight I think I would have chosen another route, maybe using Cake, as TeamCity is very demanding
But coming back on the subject of versioning, I think the technique with a Directory.Build.props file will also work with 'normal' .NET applications, see information here: Customize your build | Microsoft Docs[^]
But I have not tested that yet ...
|
|
|
|
|
...yes? Why not? Either it's a WIP, so NOT release, or it has a definite version number.
GCS d-- s-/++ a- C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
|
|
|
|
|
Guess it depends on how complex your solution is, ours is quite complex with hundreds of projects, and there are weekly releases. Would not want to version all those files by hand every time.
|
|
|
|
|
I see... our deploy must be made by hand by an operator on a specialized machine and the solution has only 3 independent components, but replicated for almost every single machine (we heavily customize the software for every client, who often ends up with different versions on different machines).
If there is only a single product with hundreds of components and centralized periodical deployment of course there is no other solution.
GCS d-- s-/++ a- C++++ U+++ P- L+@ E-- W++ N+ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t+ 5? X R+++ tv-- b+(+++) DI+++ D++ G e++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
|
|
|
|
|
We are a contrary lot; I suspect such blatant begging will get you more downvotes than bookmarks...
And remember it's a weekend!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
But, but, but, there were hundreds of views !
|
|
|
|
|
So what?
I have one article:
A Coder Interview With Paul Griffin
Posted: 21 Sep 2011 Updated: 30 Apr 2014 Views: 42,790 Rating: 4.96/5 Votes: 76 Popularity: 9.33
Licence: The Code Project Open License (CPOL) Bookmarked: 14 Downloaded: 0 That's one bookmark per 3000+ visitors.
A tip:
Sending an Email in C# with or without attachments: generic routine. [Tip/Trick]
Posted: 2 Mar 2011 Updated: 3 Mar 2011 Views: 113,310 Rating: 4.88/5 Votes: 52 Popularity: 8.37
Licence: The Code Project Open License (CPOL) Bookmarked: 52 Downloaded: 0 One per 2000.
Or even:
Extension methods for finding centers of a rectangle [Tip/Trick]
Posted: 13 Jun 2012 Updated: 13 Jun 2012 Views: 9,970 Rating: 5.00/5 Votes: 4 Popularity: 3.01
Licence: The Code Project Open License (CPOL) Bookmarked: 0 Downloaded: 75 Which has never had a bookmark!
They don't matter - why are you so insistent on them?
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|