Not much going on today, so let’s set aside the pandemic for a day… and here’s a PSA of sorts… something to keep in mind.
There are always lots of fun little games floating around on social media… especially on Facebook… where it’ll ask you to figure out your stripper name or thug name or porn-star name… by combining something like your first pet’s name with the street you grew up on. Or maybe your middle name and the first car you owned.
I don’t mind revealing that my stripper name may be Tippy Cypress or my porn name may be Claudio Mustang… but the reason I don’t care is that none of those things are passwords I use anywhere, nor are they answers to security questions….
… and that’s the thing. Many people use exactly those sorts of words for passwords and security questions. Like when you lose your password, it’ll try to verify who you are by asking things like that… most commonly used to be “mother’s maiden name”, but most places now let you choose the questions and supply the answers. People will typically choose the questions with answers they’ll never forget… like the street you grew up on. Like your first car.
And somewhere… some bad guy… intent on stealing identities… now has a bit more to work with. If he already knows your name and email address and home address and phone number… there’s a lot he can do. People who wonder how it’s possible their online accounts were compromised… this is one way. And for bots who hammer away relentlessly trying to crack into accounts, throwing these few words into their mix of “things to try” can be very helpful.
Some suggestions… don’t use obvious answers to security questions. Don’t post your stripper name if it contains information that you’re suddenly realizing may be sensitive. Another strategy for security questions is use wrong answers you’ll never forget.
I was amused to hear of one guy who uses the word Buffalo for everything. Favourite city? Buffalo. Nickname you grew up with? Buffalo. Favourite animal? Buffalo.
Last aircraft you flew? Street you grew up on? Favourite style of chicken wings? Buffalo Buffalo Buffalo.
Some of you are now thinking, “Oh shit” and are running off to change some passwords and security questions and answers. Good call… go for it.
And for the rest of you, ok… one bit of pandemic news… I’ll share it because it’s good… today’s number of new cases in B.C (357) is the lowest since mid-February. That’s really good… no question about that.
I’m not quite able to calculate the slope, but the linear decline trend it pretty damned stable. If (big if) this trend were to continue, what would be the expected date of 0 new cases?
Having been vaguely in the cybersecurity space for a few years, I’ve had a bit of visibility into the prevalence of identity theft and hacking of passwords. Its rather terrifying just how bad the problem is, and I always want to smack people I see joyfully partaking in these phishing scams.
Oh, and if you’re an iOS user and haven’t seen it yet, got check out the passwords section of the settings (Android may have an equivalent). It now lists warnings for the passwords you’ve had it remember for you which it detects have been compromised or which are weak. Rather eye-opening, even if you think you’ve been contentious about password hygiene. There are just so MANY passwords required in modern life, and the whole concept is terribly broken.