Sarah Palin's E-Mail
People have been asking me to comment about Sarah Palin’s Yahoo e-mail account being hacked. I’ve already written about the security problems with “secret questions” back in 2005:
The point of all these questions is the same: a backup password. If you forget your password, the secret question can verify your identity so you can choose another password or have the site e-mail your current password to you. It’s a great idea from a customer service perspective—a user is less likely to forget his first pet’s name than some random password—but terrible for security. The answer to the secret question is much easier to guess than a good password, and the information is much more public. (I’ll bet the name of my family’s first pet is in some database somewhere.) And even worse, everybody seems to use the same series of secret questions.
The result is the normal security protocol (passwords) falls back to a much less secure protocol (secret questions). And the security of the entire system suffers.
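To make the fallback concrete, here is an added example (mine, not code from the original post or from any real mail provider): a toy account with a strong password whose recovery path accepts a secret-question answer. The attacker never attacks the password; they walk a short, constructed list of common "first pet" names through the reset flow. The account class, the sample password, the candidate list and the attempt limit are all assumptions made for illustration.

```python
"""Added example (not from the original post): a password login whose account
recovery falls back to a secret question, and what an attacker with a short
list of common answers can do with that fallback. All names, the sample
password and the candidate list below are constructed for illustration."""
import hashlib
import hmac
import secrets

# Constructed sample data: a strong random password next to a secret-question
# answer ("first pet's name") drawn from a tiny list of common answers.
STRONG_PASSWORD = "T9#vQ2!pL8mX$rW4zK1e"
COMMON_PET_NAMES = ["max", "bella", "buddy", "charlie", "lucy", "daisy", "rocky", "molly"]
PBKDF2_ROUNDS = 50_000  # kept modest so the example runs quickly


def normalize(answer: str) -> str:
    """Sites canonicalize answers so 'Buddy' matches 'buddy '; this helps users
    but shrinks the guess space even further."""
    return answer.strip().lower()


def derive(secret: str, salt: bytes) -> bytes:
    """Slow, salted hash for both the password and the answer."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, PBKDF2_ROUNDS)


class Account:
    """Password login plus a secret-question reset path.

    max_reset_attempts=None models the common, unthrottled reset flow; a small
    integer models a reset path that locks after a few wrong answers."""

    def __init__(self, password: str, secret_answer: str, max_reset_attempts=None):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = derive(password, self.salt)
        self.answer_hash = derive(normalize(secret_answer), self.salt)
        self.max_reset_attempts = max_reset_attempts
        self.reset_attempts = 0
        self.reset_locked = False

    def login(self, password: str) -> bool:
        return hmac.compare_digest(derive(password, self.salt), self.pw_hash)

    def reset_password(self, answer: str, new_password: str) -> bool:
        """The fallback protocol: a correct answer alone lets the caller replace
        the password, so the answer is effectively a second, weaker password."""
        if self.reset_locked:
            return False
        self.reset_attempts += 1
        if self.max_reset_attempts is not None and self.reset_attempts > self.max_reset_attempts:
            self.reset_locked = True
            return False
        if hmac.compare_digest(derive(normalize(answer), self.salt), self.answer_hash):
            self.pw_hash = derive(new_password, self.salt)
            return True
        return False


def guesses_to_reset(account: Account, candidates, new_password: str):
    """Attacker: try each candidate answer through the reset path. Returns the
    number of guesses needed, or None if the list is exhausted or the path locks."""
    for n, guess in enumerate(candidates, start=1):
        if account.reset_password(guess, new_password):
            return n
        if account.reset_locked:
            return None
    return None


def unthrottled_reset_demo():
    """Strong password, common answer, no throttling: the attacker never touches
    the password and takes the account in a handful of reset attempts."""
    acct = Account(STRONG_PASSWORD, "Buddy")
    n = guesses_to_reset(acct, COMMON_PET_NAMES, "attacker-chosen")
    return n, acct.login("attacker-chosen")


def throttled_reset_demo(limit: int = 2):
    """Same account, reset path locks after `limit` wrong answers: the guessing
    run is cut off and the owner's original password still works."""
    acct = Account(STRONG_PASSWORD, "Buddy", max_reset_attempts=limit)
    n = guesses_to_reset(acct, COMMON_PET_NAMES, "attacker-chosen")
    return n, acct.reset_locked, acct.login(STRONG_PASSWORD)


if __name__ == "__main__":
    print("unthrottled:", unthrottled_reset_demo())  # (3, True)
    print("throttled:  ", throttled_reset_demo())    # (None, True, True)
```

The strong password is never guessed at; the whole system is only as strong as the weaker path, which here falls in three tries. The attempt limit in the second run bounds online guessing, but it does not change the entropy of the answer (a leaked answer database still falls to the same eight-word list despite the slow hash), and a lockout is itself a lever an attacker can pull against the owner. The point of the post stands: a low-entropy, semi-public fact should not be allowed to stand in for the password at all.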
EDITED TO ADD (9/25): Ed Felten on the issue.
Rev Matt • September 24, 2008 4:22 PM
I’ve said it before, sloppy thinking is the answer. At one point I accidentally used my childhood best friend’s first pet’s name rather than my own first pet’s name. The chances of anyone guessing that are very very very slim indeed. Now giving wrong answers to some of the security questions is part and parcel of my strategy. I also use long passphrases that include acronyms, misspellings, and random characters.