Password reminder hints help only hackers
A new study by Carnegie Mellon University and Microsoft Research has shown that the password reminder questions used by most websites don't help users very much in case they do really forget their passwords, but are quite easy to exploit anyway.
The answers to questions that rely on users' personal information were likely to be guessed by close friends or relatives, and could also be guessed by strangers using statistically probable information or simple random guesswork. Websites commonly ask for users to select from questions about personal details such as a place of birth, favorite pet's name, or favorite historical fi gure. While answers to some of these could be known to friends and family or found on social networking site profi les, others could simply be guessed based on general statistical trends. It may be recalled that US Vice Presidential candidate Sarah Palin's personal email account was compromised in this way not too long ago.
Enjoy.......
No comments:
Post a Comment