
For people who want to retain the convenience, my suggestion is twofold:

1) Don't answer the question that was asked. Mentally translate it to a different question entirely. "Name of first pet" is always answered as "color of first car", for instance.

2) Make the answers full sentences, not just single words. If the answer you're providing is "color of first car", the answer shouldn't be "white", it should be "The color of my first car was white".




Just give your pet a random 4096-bit string as a name and you're safe, no need to add unneeded complexity.


There are a couple of problems with that approach.

1. That is likely to exceed the maximum length allowed for the form fields you have to use to enter it on web pages or in apps.

You might find that on the page where you initially set it up the page silently truncated it to, say, 1000 bits, and that's what got stored on the server. But the page where you need to use it for password recovery handles 1500 bits, and the form in their app only handles 500.

So you cannot get it to work in the app no matter what, and can only use it on the recovery page if you somehow figure out that only 1000 bits are on the server and truncate to that yourself.

2. Some places use the same security questions when you phone support. The support person asks you one of the security questions and can read the answer from the database. They compare that to what you tell them over the phone.

You probably don't want to go through that with a random 4096 bit string.


> Some places use the same security questions when you phone support.

Fascinating. This is something I never encountered, so it never occurred to me that this might be done.


Yeah, an easy way to own the security conscious is to call customer service and "authenticate yourself" by "answering" that you made the security response a bunch of random letters and numbers because you were in a hurry and were confused about the assignment.



