Josh Freed: Online security is becoming a little too secure for me

by


I must change my vast number of secret 12-letter passwords so often that I have more passwords than spies do, along with more security questions than all the joint chiefs of NATO.

Author of the article:

Josh Freed Special to Montreal Gazette

It's easy to get flummoxed by trying to remember year-old answers to security questions.
It’s easy to get flummoxed by trying to remember year-old answers to security questions. Photo by Getty Images/iStock

To read this column, please enter your “ReadFreed” security password.

Sorry. We have not received your reply. To verify your identity, please answer the following personal security question:

What was your second gym teacher’s third name?

You have failed to reply correctly. Please answer an alternate security question:

What is your least favorite security question and your grandmother’s favorite radio show?

You have not replied again. last chance:

What is your favorite dessert?

CONGRATS! You got it — chocolate is everyone’s favorite dessert.

Read on!

I hope you enjoyed accessing this column so easily, because it won’t last. Those easy-to-remember security questions we’ve been answering for years about our first car, dog or grade school are easy for hackers to crack, too — by guessing your car was a Volkswagen and your dog was named Rover, Fido or Cat .

As for your grade school, most have closed here in English Quebec, so the few remaining are easy to guess.

Now prepare for tougher questions. I registered with Revenue Canada online last month and their new security questions left me feeling very insecure. Among them (verbatim):

Question: What is the furthest place you ever remember traveling to in a car as a child?

I dunno. At five years old I didn’t have a map or odometer to know where we were going, let alone how far it was.

My only job was to say: “Are we there yet?”

Question: What was your favorite game as a child?

There are multiple possible answers. I liked table hockey, ping-pong, hula hoops, throwing bubble-gum hockey cards, rolling marbles and punching each other’s arms as hard as we could until one guy said “uncle.”

I also loved staring into space for long periods and imagining I was Rocket Richard scoring goals. Yet whichever of these activities I may recall as my favorite now, I won’t remember next year when Revenue Canada locks me out for answering “Old Maid” instead.

Other questions: Where were you when you had your first kiss? hmm, I barely recall where I was for my last one.

What was the name of your imaginary friend when you were a child? I never asked, but its foot size was 111.

Who was your favorite cartoon character? Now that’s a Goofy question.

Even the simplest question — What is your favorite hobby? — seems complex, because the answer changes over time. Six months ago, everyone’s favorite hobby was baking bread; now everyone’s playing wordle. Next year we could all be axe-throwing, who knows?

Frankly, I don’t even remember the answer to my earliest security question: What was your first car?

I recently failed several attempts to remember while trying to bank online — before the site locked me out.

Finally, I decided to get that security question changed. All I had to do was wait 25 minutes on hold for my bank, then be told I should phone another special “bank security” number, where I was put on hold another 45 minutes.

While waiting, I held my breath, hoping they’d take my call without asking me a security question about what my first car was.

As for those Revenue Canada questions, I did what everyone does when we fear losing track of our security answers: I put them into my phone, which defeats the whole purpose of strengthening security questions.

We’re harassed by endless other security-mad stuff too, like Apple’s “two-factor” security. That’s where you must provide your cell number, so when you try to do something on your computer, Apple’s computer texts your phone a numerical code to type into your computer to make sure you’re really you.

The trouble is that recently, when I try to type their texted security codes into my computer, it won’t work. So I’ve lost access to Apple services.

Last week I called Apple, which spent four hours of my unpaid time trying to fix the problem, most of it with their “senior consultant” — who was utterly flummoxed.

Since I’d been on the phone with him for hours and answered many security questions, he knew it was me. So I suggested we humans just bypass the computer’s two-factor security and restore my Apple services anyway.

The senior consultant replied: “We can’t do that. No one can except the computer — and it demands two-factor security.” In short, Apple security is so secure even Apple can’t get in.

Of course, that’s not the end of our spiraling online security. I must identify pictures of crosswalks, traffic lights and trucks in tests to prove I’m human, not a computer. I must change my vast number of secret 12-letter passwords so often that I have more passwords than spies do, along with more security questions than all the joint chiefs of NATO.

I am absolutely protected against anyone who wants to use my devices — especially me.

This terminates today’s column. To leave this page without breaching security, please answer the following secret exit question: What was the make of Mr. Freed’s first car?

I’d really appreciate the answer.

[email protected]

Comments

Postmedia is committed to maintaining a lively but civil forum for discussion and encourage all readers to share their views on our articles. Comments may take up to an hour for moderation before appearing on the site. We ask you to keep your comments relevant and respectful. We have enabled email notifications—you will now receive an email if you receive a reply to your comment, there is an update to a comment thread you follow or if a user follows comments. Visit our Community Guidelines for more information and details on how to adjust your e-mail settings.


Leave a Comment