You have all seen this:  You create an account online and you are asked to enter a password and answer some security questions to be used later if you forget your login credentials.  They offer many standard questions, like “What is your mother’s maiden name” and “What is the name of your favorite pet.”

So what should you do?

First, create a password that is unique and hard to guess.   We’ve addressed this in a previous article.  Stay away from kids’ names and pet names.  As for the security questions, here are several suggestions:

A good security question should:

be easy to remember
have thousands of possible answers
not be something you  would use on social media
be simple one or two word answers
not change over time

If a site lets you make up your own questions, so much the better.

Don’t use things like birthdays, school names, etc.  These are easy for the bad guys to find.

I’ve talked with clients that just make up answers that aren’t true.  This is helpful, as someone who really knows you won’t be able to guess the answer.  Hey–anything to keep your data and identity secure works.  Be careful, though.  If you make up questions, you better remember the answers!

Another tip–if the site allows you to request a password change, they will usually email you. So be sure you give them a current email address.