Thursday, October 09, 2008

Cyber Security Awareness Tip of the Day: October 9

Today we have a very timely tip from Digger at Freedomlist:

October 9 Tip of the Day:
"Try not to use easily findable information for your security questions. For examle, your mother's maiden name is a matter of public record. Sarah Palin's yahoo email address was "hacked" just because someone figured out her zip code and the answer to "Where did you meet your Husband" (Wasilla High)

(This also relates back to the October 1st tip: People on social networking sites like to pass around surveys with questions that reveal a lot of personal information that could be used by identity thieves, there is lots of potential for overlap between social networking surveys and "security questions".)"
As Harry Waldron explains in How Sarah Palin's Yahoo email was Hacked:
Security questions are your MOST IMPORTANT safeguard in any web based facility where a password can be mailed back. If the 3 questions are easy to guess, any unauthorized person could gain entry (e.g., family member, friend, or criminal). When it comes to security questions, it's good to be "less forthcoming" by misspelling or using incorrect answers. As a best practice, ensure that only you know the answers to the password-reset questions.
Harry also included the following references in the referenced article:
How Sarah Palin's Yahoo email was Hacked

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: