HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » General Discussion (Forum) » Kill the Password: Why a ...

Wed Nov 21, 2012, 08:56 PM

 

Kill the Password: Why a String of Characters Canít Protect Us Anymore [View all]

By Mat Honan
Wired
Nov 15, 2012

-snip-

Since that awful day, Iíve devoted myself to researching the world of online security. And what I have found is utterly terrifying. Our digital lives are simply too easy to crack. Imagine that I want to get into your email. Letís say youíre on AOL. All I need to do is go to the website and supply your name plus maybe the city you were born in, info thatís easy to find in the age of Google. With that, AOL gives me a password reset, and I can log in as you.

First thing I do? Search for the word ďbankĒ to figure out where you do your online banking. I go there and click on the Forgot Password? link. I get the password reset and log in to your account, which I control. Now I own your checking account as well as your email.

This summer I learned how to get into, well, everything. With two minutes and $4 to spend at a sketchy foreign website, I could report back with your credit card, phone, and Social Security numbers and your home address. Allow me five minutes more and I could be inside your accounts for, say, Amazon, Best Buy, Hulu, Microsoft, and Netflix. With yet 10 more, I could take over your AT&T, Comcast, and Verizon. Give me 20ótotalóand I own your PayPal. Some of those security holes are plugged now. But not all, and new ones are discovered every day.

The common weakness in these hacks is the password. Itís an artifact from a time when our computers were not hyper-connected. Today, nothing you do, no precaution you take, no long or random string of characters can stop a truly dedicated and devious individual from cracking your account. The age of the password has come to an end; we just havenít realized it yet.

More: http://www.wired.com/gadgetlab/2012/11/ff-mat-honan-password-hacker/all/

34 replies, 10239 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 34 replies Author Time Post
Reply Kill the Password: Why a String of Characters Canít Protect Us Anymore [View all]
UnrepentantLiberal Nov 2012 OP
wildbilln864 Nov 2012 #1
customerserviceguy Nov 2012 #2
Canuckistanian Nov 2012 #9
TheBlackAdder Nov 2012 #12
wtmusic Nov 2012 #27
3c273a Nov 2012 #3
Posteritatis Nov 2012 #4
XemaSab Nov 2012 #10
ProfessionalLeftist Nov 2012 #5
gtar100 Nov 2012 #30
Shankapotomus Nov 2012 #6
behindthe8ballnchain Nov 2012 #7
AsahinaKimi Nov 2012 #8
wtmusic Nov 2012 #11
UnrepentantLiberal Nov 2012 #13
Jim Lane Nov 2012 #14
UnrepentantLiberal Nov 2012 #21
wtmusic Nov 2012 #26
RomneyLies Nov 2012 #19
wtmusic Nov 2012 #23
Edweird Nov 2012 #15
NYC Liberal Nov 2012 #16
hobbit709 Nov 2012 #17
MyNameGoesHere Nov 2012 #18
Tracer Nov 2012 #20
backscatter712 Nov 2012 #25
Egalitarian Thug Nov 2012 #22
backscatter712 Nov 2012 #24
gtar100 Nov 2012 #28
unblock Nov 2012 #29
SWTORFanatic Nov 2012 #31
mrsadm Nov 2012 #32
UnrepentantLiberal Nov 2012 #34
cherokeeprogressive Nov 2012 #33