Attackers can crack 1 in 80 Accounts
This is an interesting study and the findings are very useful to improving email security, particularly with webmail type services like Gmail, Hotmail and Yahoo. They found in this study that attackers were able to crack one in eighty accounts by guessing answers. The results surprised the group conducting the study, they did not anticipate it would be this statistically easy to do. So word to the wise, use the more complicated verification answers whenever possible if you want your accounts to remain secure. We're usually given a number of choices when we sign up.
Weak security ID questions put e-mail at risk
Questions used as security checks on websites need to be replaced by more complex tests to establish a person's identity, say researchers.
A study has shown how easy it is to guess the answer to common questions, such as someone's mother's maiden name.
It found attackers will be able to break into 1 in 80 accounts if they get three chances to guess answers.
"The numbers were worse than we thought," said Joseph Bonneau, the lead researcher on the study.
They found that an attacker would get an answer right every 80 accounts, provided they got three chances to try.
Some were experimenting with making webmail users nominate five friends that would be contacted in the event of them forgetting their usual password. Only when they had contacted three and got information sent to them could the password be reset.
Read more at news.bbc.co.uk
2 Comments
Leave a comment