People that are in the IT Business usually have some sort of un-guessable “master” password that they use as answer for all security questions and it can’t be bruteforced. However, normal users did not catch on to this little trick that I will explain below.
First of all, A master password is something that should be hard to crack but easy to remember.
Those numbered phrases and using CAPITALS and special marks to create Mysupers3cr3tp0ssw0rd!!!! have just created a horror to remember.
So first pick something long, preferably a whole sentence of words including punctuation that means anything only to you. XKCD had a nice episode on that:
https://xkcd.com/936/
Next, use some password websites to make sure it really takes at least a million years or longer to hack it
password: ThisisadumbpasswordtoprovemypointAnditdoesn’tmatter.
It would take a computer about
1 quinquavigintillion years
to crack your password
Now thats what I call a secure master password. Thats a lot of years!! best of all, I can memorize this stupid password in less than an hour because it makes sense to me! (And only me!)
Now whenever some website asks you to answer a ‘password hint phrase’ or something likewise to prove that its you in password retrieval procedures, fill out your master password. Make sure you pick a question that allows free input and not something fixed (like a birth date of your dog). Questions like “What was your first street” will be fine, as it will usually allow free text input.
Nobody will guess your master password, so it doesn’t matter what the question was, you will simply answer with your super-secure and nigh unhackable password that you thought up. (and never reveal it anywhere, not online, conversations don’t even hint at it).
Mark.