Or even find it on the Internet. In practice, there was a russian phone number list case when the site administrator was a young girl. They found out her mailing address, requested a password recovery, the secret question was - "The name of your pet." There was a topic about pets on the forum, and the answer to the secret question was located there.
After the attacker took possession of the mailbox, the password was reset from the admin panel via mail. That's how, in 10 minutes, without even contacting the victim, the site ended up in the hands of the hacker. Therefore, we recommend not to specify real and actual data in the secret question. The same pet's nickname or favorite dish can be brute-forced using a dictionary.
Or they can find out from you. To the question "Passport series and number" you can always write "December 17, 1986" - such an answer is very difficult to find by brute force, and you will always remember the date of your birth, wedding or the date of some happy moment in your life. Or use real information, but add numbers to the answer, for example, to the question - "Your pet's nickname" you can make up the answer "Vaska1975".
Even if they find out the nickname, no one knows the additional answer. Throwing in the Trojan Horse This is one of the most popular ways to gain access to the admin panel of a website or your mail. Trojans are used to steal passwords from your system. It is not difficult to assemble a Trojan, there are many programs available for this purpose.