Don’t use your real birthday on web sites

You’d have to be completely crazy to enter your name, address and date-of-birth when registering on a web site if you had any inkling of the security implications. Put simply, these are security questions commonly used by your bank and you really don’t want such information falling in to the wrong hands. So, security-savvy people use a fake DOB on different web sites. If you want to play fair with a site that’s asking this for demographic research, use approximately the correct year by all means, but don’t give them you mother’s real maiden name or anything else used by banks or government agencies to verify your identity, or the criminals will end up using it for their own purposes (i.e. emptying your bank account).

That banks, or anyone else, use personal details that can be uncovered with a bit of research at the public record office is a worry in itself. It’s only a minor hindrance to fraudulent criminals unless you provide random strings and insist to your bank that your father married a Miss Iyklandhqys. The bank might get uppity about it, but they should be more interested in security than genealogy.

This common knowledge, and common sense advice was repeated by civil servant from the Cabinet Office called Andy Smith at the Parliament and the Internet Conference at Portcullis House a few days ago. I’ve never met him, but he seems to have a better grasp of security than most of the government and civil service.

Enter Ms Goodman – Labour MP for Bishop Auckland. She heard this and declared his advice as “totally outrageous”, and went on to say that “I was genuinely shocked that a public official could say such a thing.”

I wish I was genuinely shocked at the dangerous ignorance of many MPs, but I can’t say that I am. Her political masters (New Labour) haven’t acted nearly quickly enough to suppress this foolish person. In her defence, she used the context that people used anonymous account to bully others. This doesn’t bear any scrutiny at all.

When are we going to find a politician with the faintest clue about how cyber security works? The fact that this ignoramus hasn’t disappeared under a barrage of criticism suggests that this isn’t an isolated problem – they’re all as culpable. Her biography shows just how qualified she is to talk about cyber security (or life outside of the Westminster bubble). I’ve no idea what she’s like as a person or MP, but a security expert she isn’t.

I do hope they listen to Andy Smith.


Leave a Reply

Your email address will not be published. Required fields are marked *