Is there anyway people can hack gmail , hotmail or other mail services easily?
Printable View
Is there anyway people can hack gmail , hotmail or other mail services easily?
Most sites, failbook, snotmail, etc.....have a password recovery system. If you know the person at a "stalking" level you would be able to compromise their accounts.
"Come witness the failure in the system!!".
I would say no, not these days. If you look at people who claim to have had their accounts "hacked" it wasn't really hacking as such, more like stupidity on their part (Sara Palin anyone? :D)
bludgeon has mentioned one of the most common exploits to "compromise" an e-mail account. Always lie when filling in the password recovery data ;)
Others are:
1. Lack of physical security............never store login credentials where your kid brother can access your machine.:eek:
2. Always logout properly, and clear the internet cache if you are using a machine to which others have access. You don't want to leave an open session for someone else do you?
3. Watch out for insecure public hotspots, your traffic might be sniffed.
I would only rate #3 as close to hacking, and it is probably the least likely.
Social engineering is quite common. Many people use the same password for everything.
Discover one for an unimportant account and gain access to all of that person's other accounts.
Yes social enginuity...like starting an sms convo for the sole purpose of obtaining a victims IP addie.
:D
Yahoo still has a few web APIs that allow for account brute forcing.
That I find surprising in this day and age, as it isn't that difficult to implement a three strike rule.Quote:
Yahoo still has a few web APIs that allow for account brute forcing.
I suppose the mitigation is that each trial takes so long that a brute force attack against a reasonably long and strong password would be far too time consuming?
Yes, and it is mostly due to user error. One would use the same password for everything, and would let friends log into their computers.
I would suggest a simple pattern of ten characters long or more consisting of two lower case letters, two upper case letters, two numbers, and two special characters. Something like this: 8p-mt+hXZT, and also change it occasionally, maybe every six months.
I have 39 passwords, a different one for each website I visit, which I change frequently as 6 months, but it depends on the information for the specific site.
I save the passwords on a .odt file which requires a password, and I keep that in an encrypted directory. Paranoid maybe, but I know it is safer than many.
Edit: Were you asking how to hack, or just asking in general of the security of the email websites?