Tinker, build, hack, preferably with APIs.

Simple trick to make your accounts more secure

Q: What do the hacking of Sarah Palin's email account and the exposure of hundreds of confidential Twitter documents have in common?

A: Hackers broke into both the same way—not by knowing the password, but by figuring out the answers to security questions.

While people have gotten better about choosing good passwords, those are just the keys to the front doors. What happens when you've forgotten your key? You get in through the "back door", which is usually locked with questions like, "What street did you grow up on?" and "What's your favorite food?"

Many of the answers to these questions can be guessed with clever Googling. And if you've ever used a Facebook Quiz or App, you've granted it access to a wealth of personal data. Whether or not a developer has evil intentions, that data goes into a database somewhere, and THAT database could get hacked (Facebook's terms of service won't stop the leaks).

If you assume the worst—that the answers to those questions are discoverable—then how can you secure your account? Like this:
  1. Pick a short phrase, like "supersecret23" (shhhh, don't tell it to anyone!)
  2. Prepend or append it to the answer to every question on every service

Example: What's your father's name?

  - Old answer: rob
  - New answer: supersecret23rob

Now that you've got a system in which only you can know the answers, the only thing left to do is to go to all the important services you use and update the answers to your questions. Oh, and you should probably write down your magic prefix/suffix somewhere safe.

One last tip: you may not think of your email as something requiring high security, but you should, since many services will send a magic link to reset your password via email.