What Makes Security Questions Bad or Good? Are They Useless?

Internet Security
TechLatest is supported by readers. We may earn a commission for purchases using our links. Learn more.

Add a security question to your account, as it is an additional hurdle that hackers need to overcome for access. However, it’s crucial to be careful when selecting security questions because not all are secure. Learn more about the frequently used security questions and how to choose a strong one.


What makes a security question good?

While logging in or resetting your password, various platforms ask you to select a security question to answer. You can either choose predefined queries or create your own.

Selecting a question that’s difficult for hackers and simple for you to answer is essential. Your security question should have specific characteristics to recover your password successfully.

  • Memorable: Choose a security question whose answer you can recall instantly, even if you log in after an extended period, such as two years. Avoid using something like a song you listened to ten years ago and ensure a fixed answer. For instance, something like the name of your first pet or car is likely to be remembered.
  • Unique: Create security questions with plain answers to verify your identity. Choose something specific, simple, and easy to remember. Avoid being cheeky and choosing fake answers.
  • Constant: Select a security question based on factual information that won’t change over time. Ignore asking questions like “Your favorite song or preferred music genre” or ” work address,” as these can change. Instead, the city you were born in will remain the same.
  • Unpredictable: Make sure the answer to your security question is something other than what others can easily guess or find out through research. Only you (and perhaps the individual who was part of that particular event) should know the correct answer to your security question. Avoid sharing personal information on social media or engaging in Facebook quizzes that trick you into disclosing such information.
Internet Security
Image by Gerd Altmann from Pixabay

Avoidable security questions

Some security questions can be considered inadequate for two reasons: either they are too complex or too simplistic.

People need to remember the answers, making their accounts vulnerable to hacking attempts because they are overly simplistic and easy to guess.

One effective way to prevent this is to avoid sharing such information publicly and answering security questions while signing up for websites with insecure reputations. However, it’s best to avoid using weak security questions altogether.

Weak security questions

  • Which town or city did you get your first job in? This information is readily available on LinkedIn or easy to guess if you have never relocated to another city or country.
  • Which primary school/middle school do you go to? Individuals with malicious intentions can readily access this information on LinkedIn or Facebook.
  • What’s the maiden name of your mother? Although it may require some effort to search for it, hackers could obtain this information from either a public database maintained by government agencies or social media platforms.
  • Which movie do you like the most? There are many potential responses to this question because your movie preferences can change as new movies release and your taste evolves. 
  • Which sport did you enjoy in high school? This question lacks strength, and there can be multiple possible answers. Moreover, other people can also make an educated guess about the answer, mainly if your Facebook profile exhibits images of you engaging in sports like rugby or cheerleading. Even if it doesn’t, frequently posting articles about a specific sport like football can still lead to inferring an answer.

Good security questions list

  • Who was the person you had your first kiss with? It is an excellent query since it concerns your personal experience. You’re the only one who can respond accurately.
  • At where did you have your first kiss? Like the previous one, it is also a personal and enduring question that only a few individuals can respond to.
  • Which city did you greet your partner/spouse in? It is a personal question with a reliable response. Still, it could be predictable, particularly if you have not yet experienced relocating to another country, exploring different places, or marrying someone you met in high school.
  • What’s your last-born kid’s middle name? It is an excellent question if you have children because this data is typically only found in your child’s passport and not readily available elsewhere.
  • What was your first soft toy? It is a query that necessitates a precise and consistent response. Even though not all children have a beloved stuffed toy, if you do, no one else will likely know its title.
  • Which town or city did your parents meet in? It is a private and particular question that only you and your family can answer. This data is probably not available on social media either.
  • Which was the first exam you didn’t pass? The information is private, clear, consistent, and simple to remember. Additionally, if you rarely reveal it on social media, it won’t be on your accounts.

Furthermore, certain websites allow selecting several questions to reduce the likelihood of an unauthorized third-party gaining access to your account details.

Can I do anything further to strengthen my security online?

Absolutely! First, restrict the information you disclose on social media profiles and posts. It is unnecessary to reveal your birthplace on Facebook to create a profile.

Review the following recommendations and assess how you can enhance the privacy of your social media accounts. It will create obstacles for hackers and make their tasks more challenging.


If you are sure you have picked appropriate security questions but are concerned about potentially forgetting the answers.

In that case, you can utilize a password manager. Multiple password managers, such as LastPass or 1Pass, allow you to include notes to your passwords.

Read: The Privacy Risks Of Home Robots

Leave a Comment
Notify of
Inline Feedbacks
View all comments