I went to one site that apparently knew the name of my Third Grade teacher. Great, now it can tell me because the only support I have for my having gone to Third Grade is that I’m pretty sure went to Fourth.
I always pick questions that my wife can answer. That way when I forget what street I grew up on I can ask her.
One of my office’s old software providers did this. When I set up the account, I had no idea I’d ever have to answer the question to a living human being, so I texted my friend a question and decided to use whatever he replied with as the answer.
Cut to two months later. I’m in a department meeting when the software borks. I call in for support, and after taking my account number, the representative dutifully asks: “Hooblah dooblah dibbity dee?”
My response: “Indeed, sir.” (The rep was a woman.)
The rest of the conversation proceeded as normal, but I’ve never seen a roomful of people look quite so confused.
The main problem with specifically “mother’s maiden name” and why it should no longer be used is that both hobby genealogists as well as big groups (the Mormons) publish on the web long lineages. So if your second cousin suddenly puts up a website with the family tree, your mother’s maiden name is no longer very secret for a criminal who already knows your whole name.
The second problem for things like “favourite book/ author/ name of childhood pet” is that so far, I’ve never seen an explanation how sensitive the answer is, or if a person or a computer reads the answer.
When in 2006 a website asks me the name of my childhood pet (apparently every child had one … not in places where people live in cities in rented flats where the rules forbid pets…) and I write Lassie dog, I most certainly won’t remember 1 year later whether I wrote it one word or two, capital or not. And if a computer is reading the question, not a human, I know that it probably is too dumb to understand that “Lassie dog” and “lassiedog” are the same answer.
So I write it down. That’s how “safe but unpractiable” solutions always end, don’t they?
My pet peeve on these things (AT&T high speed internet, I am looking right at you)
Questions like:
What is your favorite restaraunt?
What is your favorite movie?
What is your favorite singer?
I have started pretty much answering “go fuck yourself” or some variation of that to all of them. for customers I answer them all customer first name+numerical portion of address bob1236 and note it on the invoice so when they call freaking out 6 months later I can look it up :D.
Wonderful. There’s no possible way that this can change in the next 6 months…
Or do they expect to need that question every week?
I think the security questions are dumb anyway. They are the weak link in the chain. They essentially are the password, and our answers are usually dictionary words–even the names. Ever since the XKCD strip, I answer with a long sentence sans spaces. (I wish the password fields would let me do that, and not restrict me to 8 or 11 letters.)
I’ve gotten to the point where I just repeat my password. I use pretty much the same 3 or so on every site that doesn’t actually matter. You mean someone posted as me on some site I only signed up for to comment on single page? What am I going to do?
Good one! 
On the other hand I don’t quite get this one. I know the general concept of identifying yourself by showing the second half of a broken object to see if they match, but were you referring to any movie or book in particular?
I don’t even know their first names. One was dead before I was born and AFAIK the other was named “gramma”, and she died when I was 6 or 7.
No, only when you talk to tech support, who wont help unless you can answer these questions you answered 6 years ago when you set up your dsl account
Yeah, I end up making up stuff (which I’m more likely to forget than the actual password). Mother’s maiden name? Eldest nephew/niece? Really?
This is the best solution!!!
Yes. The one good point I can see is that relatives can fix your affairs if you die suddenly–because it’s all obvious as sin. But those aren’t proper password choices.
I like this, but I’m thinking something gender inappropriate - “pantyhose & a bra” for guys or “jockstrap” for the females. Give 'em something to talk about after you hang up. 
It always scares me when they need to ask me my security questions. I presume that they have all of my info, including account # up on one screen; just press screen print & they can now commit identity theft. Customer service reps aren’t paid that much & there are many more of them than people in IT who need access to this data.