[bscphil]

I assume when people suggest putting random strings in these fields, it's implied that you're supposed to save that data in a password manager or something. Mine (KeePassXC) supports storing arbitrary data as "notes" in each entry, along with TOTP information (great as a backup in case you lose your phone), and other stuff.

I worry more that a particularly dull customer support agent is likely to be convinced by a random caller to reset the password if they can see that those fields are garbage.

[syntheticcdo]

Use randomly generated words. A CSR might be convinced by "idk I just put random words in there LOL" when the security question answer is uaisehf8wefjh0824m, but if they see "correct-horse-battery-staple" as the answer, it might be a bit harder to convince.

[checkyoursudo]

This is what I do, although like others mention I still use real words. I add my bogus answers to security questions as notes in my password manager. This method has worked well for me for a long time without any risk that I have discovered.