I feel like this article takes a lot of words and time to suggest the reasonable solution: make up fake answers to security questions and store them somewhere, preferably a password manager. Sure, it would be greatly preferable to use 2FA and people should really get on that, but lamenting on all the ways security questions can be inappropriate for people when there's an obvious solution feels like drawing it out for the sake of filling up that word count.
Sure there are workarounds we can use as consumers, but getting the message out there will help push the companies to a better system. Something like 2FA over SMS is common in other countries and way better. Journalism is helping give security a bigger mind share in the public eye so they can understand how current systems are flawed and demand better ones. Its a good time to tackle the problem given all the recent hacks/leaks (like SSNs). Corporations will only budget for this stuff when their users demand it.
