A birthday is not what you might call private information that you should keep secret. Almost everyone celebrates it in social media, and some people publish it in their profile. That's a terrible idea. Here is the reason.
Probably one of your security questions
In addition to the model of your first car and your mum's maiden name, your birthday is perhaps the most common security question asked on most websites.
Security issues are notoriously horrible. They are probably the cause of most online hacks on social media, including the 201
Like on your birthday. It's a miracle that it's even an option for the already insecure "security question protection" because it's much easier for a hacker to find your birthday than "the street you grew up in." For she is also one of the simplest and easiest To remember questions, she was probably chosen very often. This is a problem because many people publish it publicly in their profile or at least leave a list of "Happy Birthday!" Posts every year. In fact, people give many answers to security questions in the form of "quiz questions" that are spread around Facebook. Another day, another funny attack vector.
Even if your birthday is not the answer to an actual security question in your account, it's still information a person can use when trying to access your account in some other way. Calling your service provider and pretending to be you.
Sometimes it acts as your password
When I called a new phone in a Verizon store, they asked me about two things: my phone number and my birthday. Nothing else. Then they switched my entire telephone line to a new device. This is a problem because these two easily accessible numbers are an obvious attack vector for two-factor authentication.
In two-factor authentication (often referred to as 2FA), a service sends code to your phone (or asks for a generated code) from an app, and you must enter that code in addition to your password. This is a great way to improve safety. It is also commonly used for account recovery because nobody else should have access to a device in your pocket. But if someone can steal your phone number virtually by only knowing your birthday, it will affect any service that relies on it.
And not only could your phone be vulnerable, this "birthday-as-password" problem is prevalent in many places. How many times have you been asked to confirm your birthday? It makes sense because everyone has a birthday, so it's easy to remember. It is also quite certain since the number of days in a 30-year period is already more than the 10,000 possible four-digit PIN combinations. But people do not put their PIN on top of their Facebook profiles.
RELATED: What to do if you lose your two-factor phone
It helps people guess your social security number
Security tip: Change your birthplace regularly and the birth name of your mother.
– Justin Pot (@jhpot) December 15, 2016
Heck, if you were born in the US and have Social Security Numbers, people can use your birthday and place of birth to guess your Social Security number. The social security numbers were linked to place of birth by the time randomization began, so that anyone born earlier has a more predictable social security number.
Your birthday is not the only dangerous thing you can share. Identity thieves can also use details such as mother's maiden name and maiden name. It's hard to avoid publishing these details online.