[jdeibele]

Thank you for saying something about this. I make up answers to "security" questions like: first pet's name? Favorite teacher? and so on but that means that I have to record what the answer is.

I've been doing that in the notes section for LastPass. I think that I'm going to have to move to doing it in the Notes app since that works on all my Apple devices. And it looks like I can lock one Note without having to lock all of them.

[mdaniel]

In case you haven't already seen it, 1P has effectively a "click button, get fake security question answers" and I love it: https://support.1password.com/generate-security-questions/

They use the "battery horse stable" scheme so you don't have to read crazy ascii over the phone to customer support

[BrandoElFollito]

Bitwarden has the same. I just generated wobble-swaddling-reflex-repost

[mdaniel]

One will observe that I said "click button, get fake security answers" and I just tried it with BW Version 2022.5.1 (3283) and there was for sure no such "add security questions" option

I do believe you that it's possible to generate a password using battery-horse-stable but BW places the burden upon the user to create a "security questions" section, fill in the security question prompt, now save the item at this point because fuck the user, and then go to some other section to generate the battery-horse-staple password, copy it to the clipboard, go back into the item, edit it, go back to the section, paste the generated password, and now repeat that for the other 3 fucking required security questions

And people ask me why I pay for 1P ... I'll just link them to this process in the future, because it's a night-and-day difference how much BW hates its users

[411111111111111]

I don't even remember the last time I had to input a security question, so personally I wouldn't have wanted them to waste their time with such a feature. Isn't the feature inherently moot when you're saving the answer in you password manager? The only way to forget your password is if you're unable to access the password manager, which also contains the answer to the security question.

At that point you're just as secure inputting any random letters to effectively disable the security question unlock.

[SSLy]

commercial citimanager is an example of a stupid site that asks for those on any auth flow

[BrandoElFollito]

Since security questions are not standardized (in the same way as a password field is) you may or may not recognize them (as a password manager).

I store the questions and answers in the notes section because I am sure I will have the right answers to the right questions.

I also expect this to be at the same place where passwords are generated because, well, these are passwords.

My hope is that idiotic idea born in the head of a psychopath will die soon (this is just a hope, taken into account the horrible, horrible incompetence of people who design the security of sites, especially password contraints)

[no-reply]

That is nice. I have ascii 24-48 characters with mixed special characters. A garbled mess to read aloud.

[woojoo666]

Last I checked, notes are included in the export. This post is about attachments