Saturday, March 13, 2010

What is your mother's maiden name?

Social networking sites are here to stay, and membership and participation in them is growing exponentially. I've jumped on the Facebook and Twitter bandwagon, and I have to admit, the allure is very real, the draw to share bits of wisdom and engage in exercises of narcissism is very strong. For those who are so inclined, they provide a format, as do these blogs, to share a lot about oneself-and indeed, people are sharing more private, intimate details than ever before. What we don't realize is, we are opening ourselves up for a very real possibility of getting hacked- and being invaded by evil doers intent on stealing your identity.

If you are like me, it is hard to keep track of all the blog, various e-mail, Facebook, Twitter and Internet passwords. I've heeded all the advice out there, and I have a strong alpha -numeric-symbolic- based password. Because I have a laptop, I have stopped the practice of letting my browsers store my passwords despite all their offers to save them for me. They must know my mind is leaking like a sieve. Sometimes I regret that - my mature and aging brain isn't good at retaining alpha-numeric-symbolic phrases. I've locked myself out of many a new account because I couldn't remember the password I created only days earlier.

Ah, but there is an Internet savior! Thank goodness for that little "Forget your password?" link found at the bottom of most log-ins. They were made for people like me-and many of times they have bailed me out of a memory pickle. You have used them too, once or twice, I am sure!

In most cases, clicking on the password reminder feature brings you to the secret question you created when you first opened your account.  Web-based services aren't the only ones who use this feature- I recall getting asked my secret question many times when I have had to call my bank to verify information or make a transaction. Think about write a check, you are passing out your routing number. What is to protect you?...your secret answer!
The secret questions are usually offered in an array of drop down options, a tried and true one is the ubiquitous, "What is your mother's maiden name," which is ridiculously easy for a hacker to determine. Or "What is the name of your favorite pet?" and so on. Should you have a synapse relapse, all you need to do is  enter the answer and Voila! the secret question is there to rescue you.

Now keep that in mind as we return for a minute to to social networks, in particular Facebook. Here we are, sharing our life away in status reports, news feeds, and that most indulgent feature of FB, the profile page, where we list who we are, what we like, where we live, what our birthdays are, who we are in a relationship with, how we vote, and who our friends are. You've set your privacy to "just friends" so you have nothing to worry about right?

Those friends...those 1300 friends- do you really know who they are? Are these Mob War playmates or true and trusted friends? And it is not just your friends who are peeking into your privacy!

Any application you allow in FB, grants the developer of that application access to your profile. The annoying snowball fights, the hearts, the candy, the flowers, the adorable kitten pictures, the quizzes, (what Rolling Stone song are you?) horoscopes, and your lucky day meter..all of them are written by third party developers with little or no oversight from Facebook. All my FB friends must think I am a snoot, because I never accept the invitation, though I do thank them for the thought via a wall post.

I am not snooty- I'm smart. Anyone with the time and interest can gather a pretty reliable picture of who you are- enough to take a good stab at the secret answers. I hate to spoil all the Farmville fun, but you should stay away from Facebook applications!!!

So here is what you should do. Create an incredibly incongruous phrase, e.g., "hot dog mamogram," and that phrase becomes the answer to any, ANY secret question. The phrase should not have anything to do with you, but it has to be something you will remember - something a hacker could not figure out. "Hot dog mamogram" would not be a logical answer for "Where did you spend your honeymoon?" so therefore it is a perfect answer for YOU to use. Some sites are now giving people the option of creating their own secret question- and that is good, but if you do select that option, please write a question that no one but you could answer or presume to even guess at.

Another practice I endorse is creating your own Internet birthday date. For instance, if your real birthday is July 1, 1965 create a new date that is one day and year higher or lower than the real one...July 2, 1966, and use that across the board when you are queried for your date of birth. Why should that be anybody's business? Facebook does not verify your information with your state's Department of Vital Statistics, at least not yet! Facebook uses your DOB to target ads to your news feed, and it provides valuable demographic data to all the owners of business pages you have fanned.

I have seen friends leave off the year, from their DOB. I guess they think that is a level of protection. But in the same profile, they will state the year they graduated from high school. Hmmm, you might as well just put up your DOB for everyone to see because you are not fooling anyone?  So, tweak that DOB just a little. I don't advocate putting up a false face. Making yourself 21 when you are 16, or shaving 10 years off to attract a romantic partner is dishonest. But a one day or year adjustment is a necessary little white lie and it is not going to shake up your virtual world- its purpose is meant to protect your privacy and identity. True, this technique goofs up all the Facebook well wishing a little bit- you will get your greetings a day late or early- but what is more important? a virtual slice of birthday cake or knowing your identity is protected?

No comments:

Post a Comment