[conspire] (forw) HaveIBeenPwned.com (was: Safer Browsing)

[Rick Moen]

Quoting Paul Zander (paulz at ieee.org):

> Regarding DOB.  I can understand being creative with answers to
> "security questions."   I just have to remember what I had originally
> typed.

This is among the data you can and should store in a 'password wallet'.

> On the other hand, when a bank or medical office asks for my info, I
> expect that they might be checking my DOB against other records.

And also, those are examples of, as I said, entities with a legal or
contractual entitlement to correct DOB information.

> I'm not recalling other sorts of entities asking for DOB.  What am I
> missing?

In my experience, a significant number of other entities' Internet sites
ask, either because they're asking if you're an adult, or they want to
do communication with you concerning your birthday, or just because
they're nosy and are data-mining.

But DOB is just one example of the general category of 'things that are
known about you' that can get used by marketing people and con artists,
and, if what is known about you paints an inconsistent picture for
data-miners, all the better.

I mentioned that my formal name isn't Rick.  This fact has been handy in
lots of amusing ways, such as when someone at Princeton University
Annual Giving telephoned my now-late mother and introduced himself by
saying 'Hi, I was a friend of [my formal name] at college', and she
unhesitatingly replied 'No, you weren't.'