Psssst! Your date of birth can be a random number!


For lots of online accounts, a date of birth is nothing more than a very weak second factor.

The majority of places aren't checking your identity, cross-referencing your birthdate, and personalising your experience based on your Zodiac sign. At most, they'll wish you a happy birthday and / or let you recover your account by providing your date of birth.

But, of course, lots of people know your birthday. Everyone you went to school with, family members, colleagues. It might even be on your Wikipedia bio.

A date of birth is not a suitable security measure. So I set mine to be a random number.

Let's get a few things straight. Don't lie to the cops, the state, or your spouse. If you give an incorrect date of birth to an insurance company, medical provider, or financial institution; you're gonna have a bad time.

But for most other services...?

If I'm signing in to a free WiFi service, my date of birth is 1st of January, 1901 (or whatever the earliest year they will accept).

If a service uses my DoB for account recovery, I generate a random number, save it in my password manager, and tell the site I was born on 17/07/1985, or whatever.

Look, I'm aware there are some theoretical downsides. If you ever lose your fake details, you won't be able to prove your identity using official ID. If you use fake details to get an age related discount, that's probably fraud - so don't do that!

For the vast majority of services which have no legitimate reason for knowing your age, it's OK to use a random number.


Share this post on…

  • Mastodon
  • Facebook
  • LinkedIn
  • BlueSky
  • Threads
  • Reddit
  • HackerNews
  • Lobsters
  • WhatsApp
  • Telegram

14 thoughts on “Psssst! Your date of birth can be a random number!”

  1. Ian says:

    If (big if) they are using the date of birth as a secondary ID validation AND also sending out happy birthday alerts, then unless they're very clever about how they do it, I'd wager good money that the date of birth is stored in open text in their database.

    Which would break the general principle of always encrypting anything related to security information.

    Reply
  2. mike says:

    I use an easy to remember consistent lie for things which do not need to know my age. And I can start every calender year by claiming a free fake birthday doughnut from a popular high street bakery chain. The downside of this is that if I want a doughnut on my actual birthday I have to pay for it myself or persuade someone else to. But overall I am content to trade free real birthday doughnut for a bit of privacy.

    Reply
  3. Owen says:

    Yes, I've been doing this for years. So for no downside, apart from not getting that free doughnut on my real birthday.

    Reply
  4. Dr. Watdaughter says:

    According to Steam database, at least half of the users were born on January 1st.

    Reply

What are your reckons?

All comments are moderated and may not be published immediately. Your email address will not be published.

Allowed HTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <p> <pre> <br> <img src="" alt="" title="" srcset="">