Saturday 16 July 2011

FACEBOOK LOGIN SECURITY

Hello, I was just going through what improvements our email providers and social networking sites have made in the recent past. I first looked into Facebook, which is the most happening social networking site in the world. I felt happy when they brought in some methods to stop hackers logging into someone's account even though they have the login details. This works by Geo IP location: say I logged into the account from the USA today and I have been using this profile from Australia for the past 3 months, I will be challenged with the new security measure introduced by Facebook. Below is the step-by-step procedure of this process.

Step 1: Type the hacked username and password as normal; you will get the following message as shown in the picture. Click continue.
Step 2: Type the text shown in the captcha as shown below.
Step 3: You can see the three options to prove you're the owner of the account.
Step 4: Here you need to select any one option, but unfortunately all three options have some drawbacks.

Option 1: "Identify photos of friends"
The way I tried is simply doing some social engineering or, in simple words, studying the profile of the account you are trying to hack.
All I did was make a search on my Facebook account for the email which I am trying to hack. That will bring back the profile holder of that mail ID; then you just need to go to his friends list and start to search for the name that has been given as the option. 70% of users have the habit of using their picture as the profile picture, so you can straight away compare the picture on the option and the profile picture of the person you are looking for; if both match, you can select that name and move on to the next picture. If you identify 5 persons on the 7 slides, you will get into the account.
This method can be done by anyone, and if the account you are trying to access is your friend's it is much easier; you can pass through this security test.

Option 2: "Answer the security question"
Again, it is more about profiling the individual, and we can make it out very easily.

Option 3: "Use your mobile phone"
This is something like what Gmail has; since they realized the loophole in that, they have now gone to two-step protection, which is safer at the moment. We will discuss that next time. Let me give you a scenario: if you are sharing your house and you have left your mobile on the couch and gone to get some coffee, the person next to you can easily go for this option, get the access code and reset your password by the time you come back.

Remember, most of the time the person who wants to hack your account is a person you know well. I also suggest people not use their photo as the profile picture and change their account settings so their wall and photos are not visible to everyone. So I still think Facebook should improve their security. What do you guys think about this?
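
The location check described at the start of this post, sketched from the defender's side as an added example. This is not Facebook's code: the 90-day window, the familiarity threshold, the function names and the sample login history are all assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta

HISTORY_WINDOW = timedelta(days=90)  # assumption: the "past 3 months" in the post
MIN_LOGINS = 3                       # assumption: logins before a country is "familiar"


def familiar_countries(history, now):
    """Countries with at least MIN_LOGINS successful logins inside the window.

    history: iterable of (timestamp, country_code) for past successful logins.
    """
    counts = Counter(
        country
        for ts, country in history
        if country and timedelta(0) <= now - ts <= HISTORY_WINDOW
    )
    return {c for c, n in counts.items() if n >= MIN_LOGINS}


def login_decision(history, country, now):
    """Decide what to do after the password has already been verified."""
    if country is None:
        return "challenge"  # GeoIP lookup failed: treat as unfamiliar
    known = familiar_countries(history, now)
    if country in known:
        return "allow"
    # Unfamiliar country, or no recent baseline at all (dormant account)
    return "challenge"


if __name__ == "__main__":
    now = datetime(2011, 7, 16, 12, 0)
    # Constructed sample: an account used only from Australia
    history = [(now - timedelta(days=d), "AU") for d in (1, 5, 20, 60)]
    for c in ("AU", "US", None):
        print(c, "->", login_decision(history, c, now))
```

A check like this only decides when to challenge; how much protection it gives still depends on the challenge options themselves, which is where the drawbacks above come in.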
