SecurityOracle.com - Latest Security News, Weak Online Security Checks 'Putting People At Risk'
  security vacancies and security news
 
The Security Industry's Portal
Thursday, September 02, 2010
Featured Company
Camberford Law Plc
Insurance Brokers to the Security Industry

News Story

Weak Online Security Checks 'Putting People At Risk'

Weak Online Security Checks 'Putting People At Risk'

Date: Tuesday, March 09, 2010
Source: Telegraph


Common security questions need to be replaced with more complex identity checks to prevent fraud, say researchers.  
 
Personal security questions are used by a variety of websites, including those of banks and credit card firms, to verify the identity of the person attempting to log on to the site. Photo: PA The study, conducted by researchers at the University of Edinburgh, found that fraudsters would be able to break in to around one in 80 accounts if given three chances to guess the answer to common questions, such as a mother's maiden name or name of a first school or first teacher.

Personal security questions are used by a variety of websites, including those of banks and credit card firms, to verify the identity of the person attempting to log on to the site, or to authorise changes to login details and passwords.

The study investigated how easy it was to guess or stumble upon an answer to a question if nothing was known about the potential victim.

"The numbers were worse than we thought," Joseph Bonneau,the lead researcher, told the BBC. "Asking what was the name of someone's first grade teacher seems like a secure choice. The problem is that there's a tonne of teachers out there named Mrs Smith."

The team said that many websites were considering making it much harder to access or reactivate accounts than by answering a series of simple questions. Some sites could ask users three questions before it allows users to reset a password, while others are considering sending password reminders by text message.



To see the article please click on the link below.



Telegraph

<< Back Print Article Send to a Friend >>
Security Links Contact Us Security News Archive About Us Advertise Disclaimer Site Map
Copyright 2008 - NSI (HQ) Ltd

Weak Online Security Checks 'Putting People At Risk'

Weak Online Security Checks 'Putting People At Risk'

Date: Tuesday, March 09, 2010
Source: Telegraph


Common security questions need to be replaced with more complex identity checks to prevent fraud, say researchers.  
 
Personal security questions are used by a variety of websites, including those of banks and credit card firms, to verify the identity of the person attempting to log on to the site. Photo: PA The study, conducted by researchers at the University of Edinburgh, found that fraudsters would be able to break in to around one in 80 accounts if given three chances to guess the answer to common questions, such as a mother's maiden name or name of a first school or first teacher.

Personal security questions are used by a variety of websites, including those of banks and credit card firms, to verify the identity of the person attempting to log on to the site, or to authorise changes to login details and passwords.

The study investigated how easy it was to guess or stumble upon an answer to a question if nothing was known about the potential victim.

"The numbers were worse than we thought," Joseph Bonneau,the lead researcher, told the BBC. "Asking what was the name of someone's first grade teacher seems like a secure choice. The problem is that there's a tonne of teachers out there named Mrs Smith."

The team said that many websites were considering making it much harder to access or reactivate accounts than by answering a series of simple questions. Some sites could ask users three questions before it allows users to reset a password, while others are considering sending password reminders by text message.



To see the article please click on the link below.



Telegraph

Courtesy of SecurityOracle.com - The Secury Industry's Portal