In reply to Reply to a Tweet by Eric Eggert by Sebastian Greger
I treat all ‘security questions’, especially weak ones like ‘your mother’s maiden name’ (which in my case is also a few characters short of your Deutsche Bahn example’s limit) as password fields. So I provide unique answers per website asking for them, which are generated by my password generator, and store them in my password manager. It’s an act of information hygiene, imo.
Living in a city with 13 letters (CHARLOTTETOWN), I’m forever running up against length limits, primarily on printed forms.