| ▲ | inopinatus 5 hours ago |
| I’ve been recommending the use of consistent lies about name and date of birth to online systems since Eternal September began. Very few sites and systems justify accurate PII, and even for those I often still maintain dual accounts/profiles as necessary. |
|
| ▲ | tmikaeld 4 hours ago | parent | next [-] |
| That never works on Facebook though, because as soon as a ”friend” reports that ”I’m not me” then the account will be permanently banned. That also triggers for photos that’s not genuinely me, like a pet or drawing as portrait. |
| |
| ▲ | brk an hour ago | parent | next [-] | | Never?
Facebook is pretty overrun with what are basically fake profiles. Hell, I've been curating an alter ego on Facebook for over a decade. Built up a profile with several dozen "friends" that are all kind of interconnected and regional, but of course none of them have ever met "me" IRL, and the profile picture is a funny-ish celeb pic. Facebook has millions of legit users that are "friend collector" types, and won't think twice about engaging with an account that gently strokes their online ego with likes, "Happy Birthdays", etc. | |
| ▲ | willis936 3 hours ago | parent | prev | next [-] | | There is an easy solution: don't log into facebook. Anyone you want to talk to on there has a phone. | | |
| ▲ | Dumblydorr an hour ago | parent [-] | | Are many folks on HN using Facebook? To me, most tech savvy folks I know left it a decade ago. All the FB users I know are 60+ |
| |
| ▲ | kelnos 30 minutes ago | parent | prev [-] | | ... and nothing of value would be lost. |
|
|
| ▲ | rlpb 4 hours ago | parent | prev | next [-] |
| I like using a date of birth of 1 January. It's plausible but also hopefully suspicious how many people seem to be born that day if others do the same. |
| |
| ▲ | brk an hour ago | parent | next [-] | | I use the 1st of my birth month. Slightly less suspicious? It's at least a little easier to remember. Generate fake profiles and identities usually is easier when you have bits that are rooted in your actual reality. Like, you have the same zodiac sign either way in this case, so you don't have to remember two of everything. Or if you're talking about a birthday trip, or related birthday thing from the past, details about the weather would be consistent, etc. | |
| ▲ | cheschire 4 hours ago | parent | prev | next [-] | | But if an attacker gets your fake birthday and uses that to successfully reset credentials on another site that uses the same fake birthday? At some point it becomes your birthday of record as far as the internet is concerned. Doesn’t matter what the actual record says. | | |
| ▲ | rlpb 2 hours ago | parent | next [-] | | If an attacker can do that, they could also do that with my real birthday had I used that. My birthday isn't a secret against anyone who wants to look hard enough. Therefore this method doesn't provide any kind of security against attackers gated only on knowing my registered birthday. I never claimed that it did. | |
| ▲ | dannyw 3 hours ago | parent | prev [-] | | No service should use date of birth for password resets. |
| |
| ▲ | toilet 2 hours ago | parent | prev | next [-] | | I heard from a number of Syrian refugees that this is actually very common in countries like theirs, where births may not be recorded, records are lost or destroyed. Some people don't even know their exact date of birth and they would typically enter January 1st on forms like this too. | | |
| ▲ | inopinatus 2 hours ago | parent [-] | | A common case even in stable, industrialised, first-world nations. Bottom line, it’s a false assumption that everyone knows the date or even year of their birth, quite apart from being willing to disclose it or able to prove it. I can also reveal that parents routinely mix up the DoB of their kids, and the more kids they have the worse this becomes, and I realised at some point during my association with club-level sport that it is a direct consequence of how tired they are |
| |
| ▲ | richrichardsson 4 hours ago | parent | prev [-] | | Same, my D.O.B. is 1/1/1970 for anything that doesn't justify having the real deal. | | |
| ▲ | indigo945 3 hours ago | parent [-] | | That's also great for integration testing their systems, if they have any code in a language where datetimes are a value type. |
|
|
|
| ▲ | greengreengrass 5 hours ago | parent | prev | next [-] |
| Completely agree. I use randomness for all of these now – plausible randomness if it’s possible I’ll have to give it over a phone. |
|
| ▲ | AtHeartEngineer 4 hours ago | parent | prev | next [-] |
| Jan 1st, 1984 every time |
| |
|
| ▲ | Cider9986 5 hours ago | parent | prev [-] |
| strongphrase.net is good for this. |