"Franz Xaver" are common first and middle names here. (I don't have a middle name either though)
As for assigned usernames made from initials - at my university I was always "hot32621"
Anyway... great timing for the comic (as always with xkcd, reading the geeks' collective mind). Just yesterday my colleague and I were talking about SQL injections, and I said
I wrote:...excuse me while I go publish a paper titled "SQL Magazine'; Drop Table BASObj;--" just to break your import code
Guess this is the "high tech" version of using the first name "nobody". "Who did that?" yeah.
In one of the Delphi projects we're currently updating to C#, we found an unhelpfully named function (about a screenful of lines) that takes a char and loops through it, resizing the array (!) to escape any single quotes it finds and then return it as an "sql-safe" string.
I admit I do still use string concatenation to build my SQL statements, but I ALWAYS add a handy .Replace("'","''") to any string parameters and do not pass through numeric field values that failed to Int.Parse().