Best Security Questions: Selection Criteria and Examples

Posted on 11th November 2021

Entering the answer to your security question allows you to protect your website from making critical changes. Even if attackers have taken possession of the password from the control panel, they will not be able to remove the module, change the password or security settings without knowing the correct answer to the security question.

List of actions that require a security question answer:

• Password recovery;
• Attaching or detaching a domain;
• SSL settings;
• Removing modules;
• Changing site security settings;
• Deleting a website;
• Change of contact email address;
• Change FTP password/account password;
• Change of site owner, etc.

However, it is necessary to understand that if you forget the answer to a question, then you will not be able to make changes on the site. Do not use data that may be known to your friends or published anywhere (social networks, forums, games, chats, etc.) as an answer to the specific security question. Attackers have a greater chance of finding an answer to this question.

Criteria for Choosing Good Security Questions

Several important criteria determine the reliability of a security question. Study them carefully before choosing the top security questions for your Internet account.

Security

Security is considered one of the most significant characteristics of a good security question. It should not jeopardize the protected object. A good question must have an answer that is rather difficult to guess and thus block unauthorized access to your personal account.

Here are several examples of ineffective security questions:

• What is your grandfather’s last name?
• What’s your home address?
• What is your mother’s phone number?

Pay attention to the following examples of good questions:

• What was the name of your first childhood friend?
• What is your brightest childhood dream?

Invariability

An effective security question should have a consistent answer. It is not recommended to choose questions, the answers to which may vary. This mainly applies to the category of favorite things: vacation spot, teacher, color, book, movie, animal, song, artist, etc. Interests, tastes, and personal preferences are subject to change. For example, last year you enjoyed your vacation in Italy and this year in Europe. By choosing a question with a volatile answer, you may not remember the answer you originally provided.

Here are some bad examples:

• What color do you like the most?
• What’s your favorite artist?
• What book do you recommend to your friends?

Good examples are the following:

• What was the name of your first school teacher?
• What year did you enter college?
• What is your grandmother’s maiden name?

Memorability and Obviousness

The answer to a good security question should be obvious. In addition, it should be easy to remember, but at the same time remain secret to others. The answer should be immediately remembered as soon as the user receives the security question.

Some bad examples include:

• Which teacher did you like the most at school?
• What is your friend’s driver’s license number?

Good examples:

• What is your child’s nickname?
• What is the manufacturer of your first car?

Basic Types of Secure Questions

Security questions are roughly divided into categories. You can select the one that seems more appropriate to you:

1. Childhood (What was the name of your favorite childhood pet?);
2. Family (What year was your grandmother born?);
3. Preferences (What is your favorite sport?);
4. First (What month was your first child born?);
5. Personal characteristics (What is your skin color?);
6. Animals (What breed of cat do you like the most?);
7. Education (What was the name of your school physical education teacher?);
8. Work (In which area of the city is your place of work located?).

Recommendations for Choosing the Best Security Questions

The following tips will help you select the most effective security questions:

• There are very few good questions that suit absolutely everyone. There are questions that are bad for some people, while the same questions are good for others. Select the questions that suit you best;
• Don’t use too many questions, even if there is a need to increase security;
• Pay attention to the absence of errors;
• Avoid questions about color – the range of colors is quite limited.

Examples of Efficient and Inefficient Security Questions

Within the framework of this article, it seems appropriate to give examples of security questions, dividing them into two categories: efficient and inefficient. Study each carefully and decide on the best questions already today.

Efficient Security Questions

• What was your childhood best friend’s nickname?
• In which city did your parents meet?
• What’s your neighbor’s last name?
• How many pets did you have at 10 years old?
• What month did you get married?

 Inefficient Security Questions

• What sport do you prefer the most?
• What’s your favorite TV program on Sunday?
• What year was your grandmother born?
• What color does your child like?
• In which area of the city is your place of work located?

What Is the Reason for the Need to Use a VPN?

In addition to using top security questions, protect yourself online with a VPN. The need to use a VPN is due to the increased risk of “hacking” by attackers of a virtual server that has direct access to the public Internet through a public IP address. Combining users’ cloud servers and local computers into a private network minimizes the number of users who can gain direct access. This way, your server will use only a private IP address instead of a public one, which is not available for attempts to connect to the Internet directly. The presence of the server on the Internet will be anonymous, which will allow you to become more secure online.