Corrine Posted June 8, 2012 Share Posted June 8, 2012 Protect answers to password reset questions with pen-and-paper, by Aryeh Goretsky. In part: With the recent announcements of password breaches at LinkedIn, and warnings from Google about state-sponsored attacks on Gmail accounts, it seems like a good idea now to review some password security basics. In this blog post, we’re going to take a look at a rather low-tech solution to a decidedly high-tech problem: How to guard against password reset attacks, and where to securely store the answers to your password reset questions. Even if you use highly secure passwords, it is possible someone might still be able to compromise your account if they were able to gather enough information about you to know—or at least guess—the answers to your password reset questions. Many services use the same questions, e.g., your mother's maiden name, the name of the town you were born in, the name of first pet and so forth. Because similar questions are used over and over again to reset passwords, it can be fairly easy, even somewhat boring, for an attacker who gathers this type of information to use it to gain access to all sorts of accounts one might have, across services ranging from those which are purely social to financial institutions, or even identity theft. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted June 11, 2012 Share Posted June 11, 2012 Thanks Corrine and Aryeh! Quote Link to comment Share on other sites More sharing options...
.thumb.jpg.7c3caaf218a75d76e16db7a5bddfb463.jpg)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.