Re: gmail security is a joke

[Richo Healey <richo () psych0tik net>]

On 29/05/15 10:35 -0400, Peter Beckman wrote:
> I use completely random strings for security questions. The company doesn't
> care what my answer is, so instead of knowing that my favorite sports team
> is [REDACTED] they can see that it is "WheF7?ydk/cBG8MgZf7w"
>
> Go WheF7?ydk/cBG8MgZf7w!
>
> I store all of the security questions in my password manager (1Password),
> and though annoying if prompted for them often, my account is more secure
> as a result. It's also a lot of fun when you call in and they ask you the
> answer to your security question.
>
> Just because someone asks you a question it does not require you to give an
> answer they expect. (Or any answer)
>
> Beckman

Good in principle, however I'll bet you 20$ that with this state, if I get on
the phone with support, and they ask for the answer to the security question,
simply replying

   "Is it a bunch of gharbled chracters, about 20 of em?"

Will be more than enough to get me in. Use 3-4 dictionary words.