The answer is yes, and the TL;DR is not to use them, use 2FA, and not share personal details online (which is hopefully all obvious advice)

cross-posted from: https://lemmy.world/post/12060980

  • @[email protected]
    link
    fedilink
    English
    910 months ago

    nothing stops you from saying that bwE0FpHb5iPzMZiismyeiTIWhoB*#V8SaD0F3R*SeH was your first pets name.

    How will you remember that though? A lot of password managers don’t make it easy to store security question responses alongside account credentials, and if you’re using a security question, it might be because you lost access to those credentials anyway

    • Boozilla
      link
      English
      1510 months ago

      I put these answers in the “notes” section of Bitwarden. It’s a little inconvenient, but it works.

      • @[email protected]
        link
        fedilink
        English
        210 months ago

        It depends on if the purpose of the questions is for 2FA or account recovery. If the latter, you haven’t really solved anything since if you lose one then you lose the other

        • @[email protected]OP
          link
          fedilink
          English
          1410 months ago

          My personal view is that the extra security that these so-called security questions bring is worth less than the risks they bring. I’d rather the (low) risk of Bitwarden being compromised and losing the account than the (high) risk of someone searching or discovering information about me I can’t change and losing the account.