[LMB] LISTBIZ: GDPR and Birthdays

Rachel anglerfish at gmail.com
Sun May 27 14:17:13 BST 2018

> From: Marc Wilson
> Current best practice is to allow you to specify your own *questions* as
> well as *answers*.  And then for the respondent to pick things that
> *aren't* a matter of public record: "What was the first concert you
> attended?"  "What was your first crush's middle name?"

When I set up an account for student loans way back in the day, I made my
security question "What is blue?", I guess imagining that I would remember
the obscure personal reference what turned out to be six years later.

It took about three weeks of digging into my mind (password reset was a
burocratically impossible government process) and a lot of false answers
before landing on the answer "rock". But to this day I cannot recall the
original personal anecdote that created that connection.

I suppose it didn't teach me a lesson, though, because I still tend to use
nonesense questions and inside jokes.

More information about the Lois-Bujold mailing list