So, bear with me here.
I'm not seriously suggesting that Cleo, Rex and Spot were bad names for your first pet, but if you took one website at face value you might end up believing that Rover1 would have been a better choice.
Your Security word must be between 6 and 15 characters in length and only contain letters and numbers.
User interface developer Anna Debenham tweeted a screenshot of how a website was happy for her to use the name of her first pet as her secret security question, but not at all happy if the answer was less than six characters long.
Bad news if your first pet cat was called Oscar, Max, Bella, Tiger, Molly, Sam, Misty, Coco, Simba, Lucy, Puss, Kitty, the list goes on...
Or will people learn that actually, maybe it's not such a great idea to use "secret" answers to protect their accounts when those answers are easy for unauthorised parties to find out or guess?
My advice is that people should stop thinking they have to answer honestly every question they are asked on the web. If a website asks you your mother's maiden name, or the name of your first school or pet, ask yourself if they really have any way to check if you are telling the truth or not.
Because maybe the site doesn't care if you have answered truthfully or not, and you can just as easily give it an answer that no-one else can determine or guess, that will keep your account more secure?
For the record, in case you need it, my mother's maiden name is 6@UfqDzkN#hsFc9. But I am thinking of renaming my dog Rover1.