That may be vulnerable to social engineering if the person on the other side accepts "I'm using a randomly generated string of letters" as an answer :). So if your password manager accepts user-provided passwords, I'd just string two or three random words together and use that as the maiden name.

Never understood those kind of "security" questions. Is the site really going to hand out access to my account if that question gets answered correctly?

Also, some sites don't allow you to not set up one, so it's like forcing users to open up a new vector to be hacked.