Security questions, typically used to recover a forgotten password, are a frankly unheralded hole in password security. Typical questions include your mother's maiden name, the street you grew up on, or your high school mascot.

It is very easy to see that these questions can be answered by almost everyone you know, and can easily be detected by people you don't really know if they look hard enough.

As a best practice, I recommend never answering these questions with the exact answer, either use a short phrase that you know that someone else would not be able to guess, or use a random string of characters. Either way, you should alreayd be using a password manager, which will then allow you to store the questions and the corresponding answers.

Check out this article from Wired for more background.

Remeber, there is no one solution to the problem of password security, a multi-pronged approach is paramount.