Why security questions are important
Posted January 31, 2012
Sarah Palin was convinced her Yahoo email account was safe. She’d been running as John McCain’s vice presidential candidate for a few months, when her email account was hacked. Most of us would be scared to death if people could find out what we write and say to those people in emails. But a politician with ambitions of the White House? Talk about a recipe for disaster!
Palin’s account was hacked quite easily. A hacker simply reset her security question, which allowed him to change her password. So what exactly is a security question? Thanks for asking!
When you sign up for an email account, bank account, or a website that requires registration, you’re often asked to answer a few security questions. Those questions are designed to help verify your identity. So when you lose your email password, for example, you can reset it by answering the question you filled out.
That’s exactly what happened to Sarah Palin.
After discovering Palin’s Yahoo email address, the hacker was able to request that her password be reset. He entered her birthday, ZIP code, and then answered the security question Palin had chosen to accompany her account. According to reports, Palin’s security question asked the place she had met her husband. The answer? The high school they both went to.
All of that information was available online. A simple Google search revealed the answers to all of those questions within minutes. And in fact, that’s exactly how long it took this hacker to gain access to all of Palin’s most personal and private email exchanges.
It’s illegal to hack into someone else’s email account. But that doesn’t mean people aren’t trying to do it at this very moment.
Think of all the data you have stored in your email inbox. Birthdays, passwords, social security numbers, bank account credentials. Chances are, you have a ton of data in your inbox that could easily be used against you if someone were to access your account.
The Sarah Palin case illustrates why security questions are important, and the answers even more so. For information on choosing the right security questions, check out our website, at www.securitymatters.iu.edu