How safe is your secure word?

Historians have found that we’ve been using our mother’s maiden name as a security question since 1882. In this digital age where we are using multi factor authentication it may well become obsolete in the near future. However, many official organisations (such as banks) still use this traditional security question.

Has this stood the test of time to remain fool proof? Unfortunately not. One of the Counter Fraud team was able to find the maiden name of 5 out of 6 of her colleague’s mothers in less than 20 minutes thanks to the public digitalisation of births, marriages and deaths. Read any advice on passwords and it will all say to make them unguessable. Some advice on the security question is to make one up (was anyone else’s mum called Miss Squarepants before she married your dad?). We advise to take care if you do this. Although most don’t, some organisations will check this against official records. You also have to remember what answer you gave or risk being frozen out of access to services.

We cannot avoid using a mother’s maiden name in some situations, but if you get options for what your security word is, use the option that the answer cannot be easily found on the internet. Whilst we're on the subject, just a reminder that the 'games' you often see on social media where you can get your fairy goblin name by combining the name of your first pet with the street that you grew up on, are nothing more than phishing exercises used by fraudsters to capture your details.

Other useful articles can be found in our Counter Fraud Newsletters on the Publications page.