Sarah Palin learns about password security the hard way

News reports that vice presidential candidate Sarah Palin’s personal email was hacked and posted on the Internet brings national attention to the growing problem of online security.

The group who invaded Palin’s Yahoo account likely gained access through an attack on Yahoo’s password recovery system. It’s estimated that more than 21 million passwords are stolen every year. For those who aren’t celebrities, cyber snooping is likely to be done by somebody you know; 47% of all identity theft is perpetrated by friends, neighbors, fellow employees, family members or significant others.

Passwords are hacked in one of the following ways:

• Brute Force: hacking software available to anyone online, these services attempt to guess your password over and over until they break in.
• Challenge/Response: to recover a password, you’re asked questions you answered when you set up your account, usually easily attained information.
• Social Engineering: such as “phishing”, the user is tricked into divulging his password through an email or phone call.

Tara Kelly, Co-Founder of Passpack said:

Even the most secure website is only as strong as the password you create; your best defense is to create unique, complicated passwords and to utilize a password manager. A brute force attack can guess a weak password within minutes.