[LMB] LISTBIZ: GDPR and Birthdays
anglerfish at gmail.com
Sun May 27 14:17:13 BST 2018
> From: Marc Wilson
> Current best practice is to allow you to specify your own *questions* as
> well as *answers*. And then for the respondent to pick things that
> *aren't* a matter of public record: "What was the first concert you
> attended?" "What was your first crush's middle name?"
When I set up an account for student loans way back in the day, I made my
security question "What is blue?", I guess imagining that I would remember
the obscure personal reference what turned out to be six years later.
It took about three weeks of digging into my mind (password reset was a
burocratically impossible government process) and a lot of false answers
before landing on the answer "rock". But to this day I cannot recall the
original personal anecdote that created that connection.
I suppose it didn't teach me a lesson, though, because I still tend to use
nonesense questions and inside jokes.
More information about the Lois-Bujold