Anything can go here, in any language... except my native language Sinhala. Be cool... anybody is warmly welcomed! :)

A Childish Attempt Made to Hijack my Gmail Account


Today, I've received an email from Google (accounts-noreply@google.com) subjecting Google Password Assistance. Google sends this email when somebody has made an attempt to reset the particular Gmail account's password. But, this request is not initiated by me.

Google password reset process works as follows:
  1. User enters the Gmail address into the password reset form.
  2. Using CAPTCHA, Google verifies that the request is not made by truly a human.
  3. Google uses either of the following methods to verify the account ownership.
  • If the Gmail account was inactive during the past 24 hours, Gmail asks for the security question which the account owner has provided during sign up.
  • If the Gmail account was not inactive, it sends an email to the secondary address that is provided during sign up.
  1. After the verification of account ownership, it enables the user to choose a new password.
In my case, somebody has made the attempt, and Google has sent me the password reset email. Well, I have reset my password -- I periodically do so. :) So thanks to the poor guy who made the attempt. :P

Anyway, how do we prevent such vulnerabilities? Here's what I think:
  • Use at least two email accounts. Use each other to receive password reset emails. Eg: set your Yahoo! address as your Google account's secondary address and set your Gmail address as your Yahoo! account's secondary address.
  • Try to access those accounts frequently.
  • Use ambiguous Q/A pair as the security question and answer. Use your own tunes with creativity. I know, this can go INSANE!!! Eg: Q - Where did you spend your honeymoon? A - Cloud #9

OK. Anything else does not come to my mind this time. May be later I might add more. By the way,....... who might want to hijack my Gmail account? I still don't have an answer. :-?




Well, there might be several bloggers who want to do this adventure. :D

Thank for reading!

Comments (0)

Followers

Subscription Options

 Subscribe in a reader

or

Enter your email address:

and
to inscrease

and make me happy. :)

Other Blogs by the Author

The Author

My photo
Ambalangoda, Southern Province, Sri Lanka
Shaakunthala works as a Systems Support Engineer at a World's leading IT solutions company. A wannabe hacker, FOSS enthusiast, cat lover and an insane motorcyclist. And he comes from Sri Lanka!! :)

www.shaakunthala.com
www.flickr.com
ශාකුන්තල | Shaakunthala's items Go to ශාකුන්තල | Shaakunthala's photostream
Related Posts with Thumbnails