gmail security is a joke

Peter Beckman beckman at
Fri May 29 14:35:17 UTC 2015

I use completely random strings for security questions. The company doesn't
care what my answer is, so instead of knowing that my favorite sports team
is [REDACTED] they can see that it is "WheF7?ydk/cBG8MgZf7w"

Go WheF7?ydk/cBG8MgZf7w!

I store all of the security questions in my password manager (1Password),
and though annoying if prompted for them often, my account is more secure
as a result. It's also a lot of fun when you call in and they ask you the
answer to your security question.

Just because someone asks you a question it does not require you to give an
answer they expect. (Or any answer)


On Fri, 29 May 2015, Joe Abley wrote:

>> On Thu, May 28, 2015 at 03:13:37PM -0400, William Herrin wrote:
>>> My first dog's name was a random and unpronounceable 30-character string.
> That's what I should do. Instead, I pull down the list of candidate questions 
> and think to myself...
> - I didn't go to a high school
> - I don't understand this other high school reference
> - I don't watch sports
> - I don't have a favourite sports team
> - I wonder vaguely whether that question actually had anything to do with 
> sports
> - I don't have a favourite pet
> - I don't know my grandmother's middle name, and never did
> - I don't have a favourite colour
> - I've never owned a dog
> - Are pets ever really owned?
> - Doesn't that speak to the denegration of others based on species?
> - Aren't we against that?
> and around this point, I start to think
> - I've had enough of this
> - this is too hard
> - I don't even remember what I am signing up for at this point
> - I am going to look for amusing cats on youtube

Peter Beckman                                                  Internet Guy
beckman at                       

More information about the NANOG mailing list