Social Security. Do you suck at it?
There has been a lot of news recently on the topic hacked social media accounts, with the most publicised being the Associated Press pro-Syrian hackers hoax tweets that triggered a brief $200 billion downturn in the Dow Jones Industrial Average. A common question I see being asked as a result of this well publicised event is “how safe are your social accounts?”
The first point to note is that where the barrier to entry on any site which are protected by information alone there will be vulnerabilities. It is very simple, information such as a password can easily be obtained. That is why some of the major banks and Twitter are currently rolling out multi factor authentication, utilising the concept something you have (mobile) and something you know (a password) to provide greater levels of protection.
That’s right, in case you missed it Twitter will soon to roll out multi factor authentication but they are late to the game, Apple, Google, Facebook, Yahoo and Dropbox have had this available for customers in some instances for many years.
So if you are asking the question about social security, what have you done about it? The answer is probably nothing. The reason is that you did not even know it existed, or if you did you thought it was too hard (note: this is a conclusions that I have drawn, I have no evidence to support this claim).
If you do not adequately protect your logins then you deserve what you get. If you are thinking that the statistical chance of this happen to you may be low just remember, a statistic moves from being a number to something very real when you are the one impacted. To make you a little more concerned just last week Microsoft issued a warning that there is a new piece of malware that is masquerading as a Google Chrome extension and a Firefox add-on that is threatening to hijack Facebook accounts.
It is about this time that I throw in some stats on how low the uptake of multi factor authentication services are across the more popular sites such as Facebook. The problem is there is little evidence that I can find documenting any numbers. This is going to be something I am going to look into in more detail and I will share what I find on this blog, let me know if you have any interesting information you can share.