Computerworld (http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9115187) reports that the tactic used to access Sarah Palin's email account last week can work work with any account that requires knowing the username and guessing the answer to a single security question. This includes Gmail, Hotmail, Yahoo, and many others.
All you need to know is a mother's maiden name, name of a pet, name of high school, or a tidbit of information that is relatively personal but not impossible to find out.
Should you be concerned? I mentioned in a previous post (http://www.networkworld.com/community/node/31783) that one of my websites had been hacked. That one didn't have a personal question (or email address) that was easy to guess, but it is definitely disconcerting to discover someone has gotten into something. So try to use personal questions that are harder to discover the answers for!
Kerrie Meyler, a Microsoft MOM MVP, is an independent consultant and trainer with more than 15 years of Information Technology experience. A previous senior technology specialist at Microsoft, she focused on infrastructure and management solutions, presenting at numerous product launches. More recently, she presented on Operations Manager 2007 and gave several podcasts at TechEd 2007.
Kerrie has worked with Microsoft Learning to develop Microsoft Official Curriculum (MOC) for several courses, including the Implementing Microsoft Operations Manager 2000 course, and did the beta teach for that course.
Kerrie is the lead author of Microsoft Operations Manager 2005 Unleashed and Microsoft System Center Operations Manager 2007 Unleashed
Check out an excerpt from System Center Operations Manager 2007 Unleashed, Chapter 3: Looking Inside OpsMgr.
|
|
Post new comment