701

You need to lie about everything (thelemmy.club)

submitted 23 hours ago by nucomp@lemmy.world to c/comicstrips@lemmy.world

74 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] FuglyDuck@lemmy.world 84 points 23 hours ago

I mean, I just feed security questions as a randomly generated string- password managers will even save that string so you don’t have to remember it.

[-] zaphod@sopuli.xyz 3 points 12 hours ago

If you store it in your password manager alongside your password, what's even the point in having these questions?

[-] calcopiritus@lemmy.world 1 points 1 hour ago

In some places it is mandatory

[-] FuglyDuck@lemmy.world 6 points 12 hours ago

... that's an excellent question.

Frankly, even if you don't... what's the point? if you can crack the password, you can probably crack the secret question. or questions.

if you can social engineer a password, same with secret questions.

They're basically just a second passwords. possibly one of many passwords with a prompt.

[-] zaphod@sopuli.xyz 1 points 12 hours ago

I'm not even sure how I would store the answers to these questions in a database. Would you hash them like passwords or just store them in plain text (maybe encrypt them, but if someone has access to your servers they can probably access the encryption key too)?

[-] FuglyDuck@lemmy.world 2 points 11 hours ago

many passwords allow you to store pass keys (like with crypto wallets) as hashes attached to any login credentials. I would suggest storing them that way. at worst, I used to create secondary credentials.

[-] TheTechnician27@lemmy.world 40 points 23 hours ago

Yeah, it's a little silly if you end up on the phone having to say it to a service rep, but it's better than what's otherwise basically security theater.

[-] SlurpingPus@lemmy.world 4 points 12 hours ago

I once spent about five minutes explaining my email over the phone — which email has just a handful of letters, but in a weird sequence. Can't imagine having to dictate a random password.

Reminds me of the time when our office got corporate debit cards for everyone, and one dude had his security phrase be eight letters ‘Q’ (or more specifically, a sorta connective letter that can only be at the end of syllables in our language).

[-] helpImTrappedOnline@lemmy.world 36 points 22 hours ago

The name of my high school crush was "SnorkleBrewersExploringAsphaltBrowniePie" why do you ask?

[-] TheTechnician27@lemmy.world 15 points 19 hours ago

"Little Snorkly Pie, we called them."

[-] jaybone@lemmy.zip 8 points 18 hours ago

I said my name is Apostrophe Semi-colon DROP USERS.

[-] HeyThisIsntTheYMCA@lemmy.world 12 points 19 hours ago* (last edited 19 hours ago)

I enjoy singing "oh ricky you're so fine, you're so fine you blow my mind hey ricky [clap clap] hey ricky [clap clap]" at the service rep and i told them that if i don't sing it or clap that i have failed the security challenge.

it's the answer to what was the color of my first car.

[-] chicken@lemmy.dbzer0.com 6 points 19 hours ago* (last edited 19 hours ago)

I feel like maybe someone could convince people over the phone to give them access if they explained correctly that the fields have random strings and roughly how they are formatted, but claim to have forgotten what they are

[-] ReluctantMuskrat@lemmy.world 1 points 8 hours ago

In a properly secure system the rep can't see the code but must type it in to get to your data. If they can get to it without your secret, they can be tricked into supplying it or may abuse their access themselves.

[-] chicken@lemmy.dbzer0.com 1 points 1 hour ago

If they're doing it that way then it's dumb for these to be questions about your life because the point of that is to make it things that people will definitely be able to remember, but realistically you're only going to remember the answer in general, not necessarily the specific wording or how the answer was formatted.

[-] vaionko@sopuli.xyz 2 points 10 hours ago

For anything properly made the words are not stored in a format the service rep can read, they are hashed

[-] FuglyDuck@lemmy.world 7 points 18 hours ago

You could convince a cs rep to open it with a sob story and a fake sniffle.

Fortunately, most places have gone away from giving CS repels that kind of access.

[-] lmmarsano@lemmynsfw.com 2 points 17 hours ago

Or random word(s): easier to tell a service agent.

this post was submitted on 09 Feb 2026

701 points (97.7% liked)

Comic Strips

22045 readers

2878 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

The post can be a single image, an image gallery, or a link to a specific comic hosted on another site (the author's website, for instance).
The comic must be a complete story.
If it is an external link, it must be to a specific story, not to the root of the site.
You may post comics from others or your own.
If you are posting a comic of your own, a maximum of one per week is allowed (I know, your comics are great, but this rule helps avoid spam).
The comic can be in any language, but if it's not in English, OP must include an English translation in the post's 'body' field (note: you don't need to select a specific language when posting a comic).
Politeness.
AI-generated comics aren't allowed.
Adult content is not allowed. This community aims to be fun for people of all ages.

Web of links

!linuxmemes@lemmy.world: "I use Arch btw"
!memes@lemmy.world: memes (you don't say!)

founded 2 years ago

MODERATORS

lawrence@lemmy.world