Importance of a good security question


My parents were having problems sending pictures from Picasa via email and asked me to take a look.  Since we recently celebrated my sons 4th birthday with a Monster Truck party there were many pictures to be sent around so I jumped on it.  I take a quick look and the problem is that Picasa is not connecting to GMail because of password issue.  Nice, easy fix!

So I open a browser and visit Gmail.  I try to log in with what they had listed for a username and what I think the password is.  Didn’t work.  Ok, lets reset.  I go through the “Forgot my password” steps to reset the password.  The generic security question pops up and I answer it.  Voila, I can now reset the password.

Problem is, after logging in with the new password I realize that this is not their account.  Crap, I just reset the password for SOMEONE ELSE’S GMail account.  I wasn’t doing it maliciously, I honestly thought it was the right account.  Turns out the last character of the usernames were different.

I have emailed the owner to let them know what happened.  Hopefully they don’t make too big a deal out of it.  Moral of the story though, make sure your security questions are unique.  This wouldn’t have happened if the question wasn’t generic or at least was harder to answer.  Make your question something that only you would know.  Favorite color, middle name, maiden name, date of birth, high school, place of birth…..all equal FAIL.  Pick something good so I don’t pwn your account.  😉

Oh…and my parents are now able to send pictures, so all is good.


No Responses Yet to “Importance of a good security question”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: