0

How to outsmart a password hacker

The LinkedIn homepage.

David Brancaccio: More now following the theft of 6.5 million passwords from the business contact networking site LinkedIn along with hacks at the dating site eHarmony and the music site Last.FM.

Computer security experts say it's time to re-think passwords, as Christopher Werth reports.


Christopher Werth: You know those security questions you get asked in case you forget your password?

Graham Cluley: Where did you go to high school? Where did you meet your husband?

What is your mother's maiden name? Yes, it makes your account more secure, but those kinds of thing are easy to find the answer to if someone really wants them.

Graham Cluley of the online security company Sophos says the best thing to do is lie.

Graham Cluley: What I do is I will write something like Xena Warrior Princess. It's not as though Google and Yahoo are going to check what your mother's maiden name is.

Cluley says online companies are beginning to make their password questions more complicated and to require more of them because password hacking is becoming more common.

Ant Allan of Gartner Research says in the age of Facebook, where we share everything online, companies have to find more obscure questions that no one knows.

Ant Allan: A good sample question would be what was the name of your favorite stuffed animal as a child.

Problem is, he says, once he's told you what a good security question is, the less secure it is.

I'm Christopher Werth for Marketplace.

Log in to post0 Comments
With Generous Support From...