For those who aren't technical, here's the English explanation of the descriptions:
- The orange one is what most people think of when they think hackers are hacking into their account - they find a vulnerability in Facebook's security and steal all the user IDs and passwords. This is why you should have a DIFFERENT password for every site - that way a breach on one site doesn't make you vulnerable on another.
- This is why you need anti-virus software and, more importantly, why you should be careful about what you click on. In most cases, a cute kitten movie is a cute kitten movie, but you shouldn't have to install a Facebook App to see it. If you do, move on. Lots of cute cats everywhere.
- Yep. People do tell other people their passwords all the time. Do you have friends who might like to play a nasty practical joke where you tell off your boss on Facebook, or maybe an ex who holds a grudge, or maybe you were telling your wife your password over the phone and the guy behind you listened in. . .
- This is more of an issue on shared computers - particularly in a University or other public computer lab setting. You finish updating your status and leave without logging off - the next person to sit down sees a golden opportunity to cause some mayhem in your life by putting up an unflattering status update.
- Yes, hackers exist who look to cause damage or steal money.
- Yes, you could be a target.
- Yes, hackers who do those kinds of things should be prosecuted.
- And finally, yes you do need an antivirus program and a firewall.
That said, your risk of being attacked by a hacker who breaks into your computer or one of your online accounts is pretty small. With all the millions of people on the Internet, you just aren't that big of a target, unless your name is Bill Gates, Mark Zuckerberg, Barack Obama, or Warren Buffett.
While the graph is tongue in cheek, it is relatively accurate with a minor change - add a 5th category that takes up about 1/2 the blue area - and call it "Your Password reset question is easily guessed."
The final issue is this - most password reset questions are stupidly handled. While I recognize the need to have the ability to reset a password, it needs to be better thought out. Here is a typical reset question:
Where did you go to High School?
The problem is, here is part of my profile from Facebook.
Yes, I could remove it, but I consider it public information, and it does allow people from my past to find me or see if I'm the correct "me". But as a password reset question, there are only a few possible permutations that it could be (Memorial, MCHS, etc). A data miner could guess it pretty quickly.
So what is the solution? Don't answer the question exactly as it appears. Use it as a hint to come up with a secondary password.
While I don't use this particular answer anymore (it was changed a couple of years ago) I used to answer this kind of question with Okotoks - which was where the high school team I was on won the national championship and I personally picked up 5 medals. My high school is not in Okotoks, I've never lived there, or been there since, but I remember that day very clearly. You could also use your favorite subject, teacher (or least favorite).
And about your mother's maiden name: it's easy to find out. Instead of using her real maiden name, consider using something you know about her (like the name of the city where she met your dad, or even her shirt size).
Stay safe out there, but you don't have to worry about the hackers out there. Like the joke that says you only have to outrun your friend when chased by a lion, you only have to be a bit more careful than the other guy to be okay on the Internet.
(While it's not a picture of a cute cat, I hope this picture is good enough)