New IRS tax hack rips off people who were already ripped off
Originally published in 2015
Quote from article
Those security questions about your siblings and your favorite car may not protect you from theft.
“Knowledge-based authentication or ‘out-of-wallet’ questions have always had a weakness,” said Daniel Lance with Archer Security Group. “They ask questions we all brag about, or that is public knowledge.”
Lance suggested that you use the knowledge-based questions as an extra password layer, when possible.
“When asked to enter your best friend’s name, input a complex alpha-numeric password with more than eight digits,” he said.
Then, use a storage device, like a digital password safe, to encrypt and store that password, he explained.
“Knowledge-based authentication isn’t about helping you remember who your first grade teacher is,” he said. “It’s about getting you access again and again.”
However, most knowledge-based authentication solutions store your answers unencrypted, he said.
In case of a hack, he recommended you use different knowledge-based authentication answers for different companies or organizations, so the thieves can’t use your security answers against you.