On Jun 16, 2009, at 8:52 AM, John Kaufmann wrote:
> But of course *that* is the question, isn't it? - how that happens?
It's pretty easy to figure out the user name of the owner of the HTML
files of a web site. Once you have done that, there are plenty of
lists of passwords floating around the Internet. Probably 99% of the
ones in use today are on those lists. Yes, people don't think that
anyone would ever guess that their password is "spock".
Look at Sarah Palin. Someone easily guessed her password on Yahoo
email. They did it with a little more sophistication than a password
they pretended to be her and got the lost password hint. 10 seconds on
Wikipedia and they were in.
I won't say what I use for passwords, but when it comes time for
security questions, I usually answer something completely "out there",
such as for "what is your high school" I answer "chocolate" and no, I
did not go to Hershey High.
BTW, have you ever gotten one of those "you have received an eCard"
emails, where there is no indication of from whom? Most of them
include a click here to see your eCard link which ends in .exe (a
windows executable file). For the heck of it, I downloaded one and
looked at it. It was an IRC client and a password guessing program,
complete with a fairly good list of passwords to try.
geoffrey mendelson N3OWJ/4X1GM
Jerusalem Israel geoffreymendelson@...