I often give fake info as an extra measure of data protection. If I don’t need the data controller to have my date of birth, I give a fake one.
Well this just screwed me because I made an access request and the data controller said: to verify your identity, tell us your date of birth. Fuck me. I didn’t keep track of which fake date I gave them. I didn’t even keep track of whether I gave fake info. So they could treat my otherwise legit request as a breach attempt.
I should have kept track of the birth date I supplied. I will; from now on.
Put anything related to any account in your password manager. Not only should your security questions have absolutely nothing to do with the real you, so should anything that’s not pertinent to the account. My first pet’s name or the name of my first car are often just random strings like my passwords and my names are randomly generated names.
Another route is to use the same fake info everywhere unless you need specific fake info which goes in the password manager.
If you’re not using a password manager you should start. Options like KeePass don’t require providers to have access to your info.