What Does the Security Question Mean for Security?
Recently, one of my friend's Facebook profiles was hacked. You know why? His security question was "What is your name?" Stupid enough, right? Most of our social networking sites spend a significant amount of money, computing capability and other resources on security. But I strongly believe that the human is the weakest part of security, and my conviction grows stronger day by day. Many users maintain weak security questions. On average, 1 out of every 10 Facebook accounts is hackable just because of this vulnerability.
Any online account has two elements: a login ID and a password. The login ID helps the server identify the account, and the password helps the server make sure that it's providing access to the right guy. Maintaining a strong password (I'll post about strong passwords soon) is essential for security. Cracking a strong password by guessing is as hopeless as searching for a needle in a haystack. But for an attacker there is an easy alternative: the security question.
The security question is a question which, if answered correctly by someone, gives them access to an account either permanently or at least temporarily. Maintaining a good security question is a million times as important as maintaining a good password! This is because an attacker always has a better chance of guessing an answer than an arbitrary password. Most often people have security questions like "What's my phone number?" or "What's my living place?", and most often such information is publicly visible on their profiles. In that case even kids won't find it difficult to hack you! Well, to maintain a good security question, follow these tricks:
- Choose questions you can answer consistently. If you answer the security question "What is your favorite hobby?" with "golfing," the system will reject "golf" in the future.
- Use one-word answers whenever possible. Avoid qualifiers such as "the," "and," "inc.," "co," etc.
- Note the emphasized words in the questions. For example, if your security question is "What is your current best friend's FIRST NAME?" don't put "John Smith."
- Be careful with people's names. When using a friend's name as an answer, make sure to use his or her familiar name. That is, if you call your friend "Jimmy," don't use "James" as your security answer.
- Pay attention to instructions. If the question asks for your wedding anniversary, note the preferred format (MMDD).
- Be careful with spaces. If you use "El Paso" as an answer to one of your security questions, the system will reject "ElPaso."
- Avoid using quirky or nonsensical answers. You probably won't remember them later.
- Do not use profanity.
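A self-audit for the weakness described above, as an added example that is not part of the original post: it flags security answers that are just the account holder's name or that already appear in public profile fields, and shows the strict matching the tips warn about. The function names, the profile fields and all sample values are constructed for illustration.

```python
import re

def normalize(text):
    """Lowercase and keep only letters and digits, so 'El Paso' == 'elpaso'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def exact_match(stored, supplied):
    """Strict comparison assumed by the tips: 'golf' != 'golfing'."""
    return stored == supplied

def overlaps(a, b):
    """True if two normalized strings are equal or one contains the other."""
    short, long_ = sorted((a, b), key=len)
    return a == b or (len(short) >= 4 and short in long_)

def audit(answers, display_name, public_profile):
    """Map each security question to the reasons its answer is guessable."""
    name_forms = {normalize(display_name)} | {normalize(p) for p in display_name.split()}
    report = {}
    for question, answer in answers.items():
        norm = normalize(answer)
        findings = []
        if not norm:
            findings.append("answer is empty")
        elif norm in name_forms:
            findings.append("answer is the account holder's name")
        else:
            for field, value in public_profile.items():
                if overlaps(norm, normalize(value)):
                    findings.append(f"answer is visible in public field '{field}'")
        report[question] = findings
    return report

# Constructed sample data, not taken from any real account.
PROFILE = {"phone": "555-0100", "city": "El Paso"}
ANSWERS = {
    "What is your name?": "John",
    "What's my phone number?": "+1 555 0100",
    "What's my living place?": "el paso",
    "What is your favorite hobby?": "golfing",
}

if __name__ == "__main__":
    for question, findings in audit(ANSWERS, "John Smith", PROFILE).items():
        print(question, "->", findings or "no public match found")
```

An empty findings list only means the answer did not match the fields supplied; it says nothing about information published elsewhere.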