What Is Your Mother's Maiden Name?

Abstract

The history of online security questions demonstrates how hegemonic beliefs about gender and sexuality have come to dictate the terms of “authentic” selfhood in contemporary digital spaces. Best known for their role in web-based information management, security questions have a history in North America that stretches back more than a hundred and fifty years—from Irish immigrant banking in New York in the mid-nineteenth century, to the rise of personal computing in the 1970s and 1980s, to today. Across this history, security questions have been structured around heteronormative expectations about users’ lives and relationships. This is nowhere more evident than in the canonical security question, “What is your mother's maiden name?” To trace the evolution of the security question, this article surveys industry writings on authentication protocols from the 1850s to the present. It argues for a reevaluation of the often-unquestioned logics that perpetuate discrimination through technologies of data.