“Where did you spend your honeymoon?”
The answer to this question is probably unforgettable in most cases. But I’ve never been married, so I've definitely never gone on a honeymoon. Yahoo tells me I accessed this account on November 24, 2009, and changed my security questions. I vaguely remember this. I had just turned 18, and I gave what I thought were clever, humorous responses—answers so ingrained in who I am that I couldn’t possibly forget. Five years later, I got nothing.
Maybe most people would give up, forget about this minor obsession, and move on with their lives. I try a different approach. If I proposed the question to friends and strangers online, would we be able to “hack” my account? What would it look like to crowdsource the answers to my security questions? To find out, I posted an open call on my personal blog asking people to guess where I spent (or where 18-year-old me thought he would spend) my honeymoon. I vowed to buy the winner a pizza or send him or her a to-be-determined gift in the mail.
And then I waited.
Guesses started streaming in.
To my surprise, within a couple hours someone figured out the correct answer: paris, with a lowercase “p.” I was relieved. But just as I thought I was about to access the old account, something terrible happened: a second, more challenging security question appeared on my screen.
“What is your main frequent flier number?”
I chose this question in 2009. As far as I know, I didn’t have a frequent flier number until this year. I tried some of the obvious numbers an 18-year-old might choose—my birthday, 420, 69—to no avail. Feeling discouraged, I put out another request for guesses on my blog. There were plenty of submissions; none were correct.
I sent an email to Yahoo explaining my situation. A few hours later, a response:
Thank you for contacting Yahoo. We appreciate the verification information you have provided so far. In order for us to proceed… provide the answer to the second security question. We're looking forward to your reply, Cort.
I listed all possible answers and clicked send. Minutes later, another reply:
Thanks for getting back to us. Unfortunately, the answers you have provided do not match the answers in our system. Without it, we will be unable to confirm your account.
Maybe you know what this feels like. A quick Google search shows that there are at least hundreds of people out there who, like me, can’t access their personal email accounts. This is the intersection of human failure and technological success. Yahoo security is doing exactly what it was designed to do; I’m not. It’s a helpless sort of frustration. My possessions are locked in a house, and I misplaced the key. Friends and strangers have helped me search for a way in, but no matter how much I try to crowdsource an answer, no matter how long I stay on hold, no matter how many exasperated emails I send, nothing changes. The keys are gone. The house is locked.
* * *