Friday, September 19, 2008

How safe is your Yahoo account?

This is a hot topic these few days.

Sarah Palin, the former Alaska's governer, had her yahoo account being hacked. What the hacker did was simply getting her date of birth and home postal code, and subsequently manage to havest her secret answer from her rally speech. And that secret is "Wasilla high".

Simple enough? yes, that's a perfectly flawed security measure nowadays given that information is everywhere, some disclosed publicly thru speech, blogs and wikis and some acquired via social engineering.

That remind me of the importance of SSO, single sign on. Which essentially an attempt to not only streamline authentication systems, but also avoided a major problem of today's growing number of systems with authentications. I bet you have to remember at least 20 logins for 20 different sites, of which... 18 of them are using the same password!

Ok guys, time to revise my yahoo account's secrets. (and yours too)


No comments: