Security and Technology Ramblings…

If you’ve heard about Sarah Palin’s Yahoo email account being broken into, one thing to take notice of is how they did it.

http://blog.wired.com/27bstroke6/2008/09/palin-e-mail-ha.html

Have you ever noticed how online accounts ask you personal questions that you can use later to reset your password? Mother’s maiden name? What zip code do you live in? What is your favorite food? Well, be careful how you answer these. A lot of this information can be found just by searching online.

In this case, it turns out all the hacker needed was to look up three things: 1) her birthday, 2) her zip code, and 3) where she met her husband. Only the third one took a while to find.

My recommendation is that you not use the “real” answers for these questions. Yeah, I know it’s going to be harder to remember, but make stuff up for these answers. Otherwise, you are making it easier for people to get into your accounts.

Just a few thoughts on a Monday afternoon.

One Response to Sarah Palin’s Yahoo Email Account / How to break into someone’s online account…

  • You could also spell it backwards, or add a suffix to all the answers. Like if your mother’s maiden name is Smith, you could answer Smith123 or htims.
