A few security-conscious web sites allows users to write their own security questions, and web developers are occasionally asked to provide a few questions for their sites. Lifehacker reader James provides some perspective on what really makes a question secure.
The problem with most stock security questions, as former VP-hopeful Sarah Palin learned, is that they can be found out by digging through public records, social profiles, and a little deep Google work. What makes a security question a good one? James offers some good insight:
A good security question will have the following characteristics:
1. Easy to remember, even 5 or 10 yrs from now
2. At least thousands of possible answers
3. Not a question you would answer on facebook, myspace, in a "Fun Questions to Ask" survey, or in a article or interview
4. Simple one or two word answer
5. Never changes
Hit the link for security question examples that meet this criteria. Stuck answering dumb, easy-to-crack questions? Try a snarky, memorable answer code instead of the obvious answer.