This is where being creative helps. Consider for a moment my love of reading and writing science fiction. Consider my multiple constructed languages. Consider my fascination with codes and ciphers. And then consider the weird random way my brain works. If I get to write my own security questions, they may be in code, or one of my constructed languages, or both. Even if English, I can ask questions that make most people go "What the fuck?" Even normal looking questions may have an answer impossible to guess because the answer isn't in normal English. I obviously can't cite any real examples, but let's assume for a moment that my mother's maiden name is Blue-Green (it isn't). So even if I get the boring "What is your mother's maiden name?", instead of writing "Blue-Green," I could write in TPNN "Gwehriz-Krahbaag" or encode "Comvof-Hosoffoo" or encode "Coxfisja-Losbicobboh."
For simpler, yet sufficiently strange enough to flummox people, answers, say the question is "What was the name of your first pet?" And one could think of it in terms of a BDSM kind of human pet, and thus put something like "Gillian Anderson" or "Robert Redfield" instead of "Rover" or "Fluffy."
I also have a constructed language called Jibberesh which makes for some bizarre answers. For example, "I love you" in Jibberesh is "Oing hashbladder boing."
So, as we see, even boring questions easy to guess can be made to flummox baddies. Just make sure you can remember the answers, or write them down somewhere, preferably in an encrypted vault made with TrueCrypt, or at least in code, if you write it on paper.
One of my favorite things to do in codewriting is write a sentence in three or four different languages first, and THEN put it through a cipher. It's clever because substitution ciphers can be cracked by... I forget the proper term, but it's where they assume it's English, and look for the most common letters in the code and compare it to the most common letters in English, thus giving them a way to break it. But if you're writing in a bunch of different languages first, you'll render that method useless. Example:
Sentence to encode: "Most of us know asbestos as 'that puffy stuff it cost a fortune to take out of the walls of public schools.'"
First, with TPNN conlang bits: "Vahzii seh grehn saber asbestos ehg 'dass puffy maik it kosten un vermogen to Nehmen Sie von heraus la falak seh preifat ysgolion.'"
Then: Encode it with a substitution cipher.
I used a few more languages in there than I usually do. I usually only use Spanish, English, and TPNN, maybe some German. In this example I used some Dutch, Welsch, and Hungarian as well. It's best to remember which languages you use.
And of course, all of that and more can be done to think of passwords to begin with.
no subject
For simpler, yet sufficiently strange enough to flummox people, answers, say the question is "What was the name of your first pet?" And one could think of it in terms of a BDSM kind of human pet, and thus put something like "Gillian Anderson" or "Robert Redfield" instead of "Rover" or "Fluffy."
I also have a constructed language called Jibberesh which makes for some bizarre answers. For example, "I love you" in Jibberesh is "Oing hashbladder boing."
So, as we see, even boring questions easy to guess can be made to flummox baddies. Just make sure you can remember the answers, or write them down somewhere, preferably in an encrypted vault made with TrueCrypt, or at least in code, if you write it on paper.
One of my favorite things to do in codewriting is write a sentence in three or four different languages first, and THEN put it through a cipher. It's clever because substitution ciphers can be cracked by... I forget the proper term, but it's where they assume it's English, and look for the most common letters in the code and compare it to the most common letters in English, thus giving them a way to break it. But if you're writing in a bunch of different languages first, you'll render that method useless. Example:
Sentence to encode: "Most of us know asbestos as 'that puffy stuff it cost a fortune to take out of the walls of public schools.'"
First, with TPNN conlang bits: "Vahzii seh grehn saber asbestos ehg 'dass puffy maik it kosten un vermogen to Nehmen Sie von heraus la falak seh preifat ysgolion.'"
Then: Encode it with a substitution cipher.
I used a few more languages in there than I usually do. I usually only use Spanish, English, and TPNN, maybe some German. In this example I used some Dutch, Welsch, and Hungarian as well. It's best to remember which languages you use.
And of course, all of that and more can be done to think of passwords to begin with.