Palin Hacker Exposes Security Flaw in Security Questions

[countalpicola]

A number of sources over the past day or so have been filled with the story of Sarah Palin's email account being broken into by Anonymous. While there is certainly a lot to be said about this in the political arena, I find that I can't help but notice another really big story here that isn't getting a lot of press. It's a story which goes well

Comments

[nathanbp]

Yeah, I was surprised that no one mentioned that either... It's somewhat hard for e-mail accounts though. I guess they should call you up or text message to confirm a password change (My Chase VISA card will send password authentication codes through either e-mail or phone).

The failure of US Banks to implement 2 factor authentication seems pretty bad though. It's sad that my World of Warcraft account (with key fob) is better protected than my bank account.

[kalium]

That would require being willing to invest in infrastructure. That sort of thing hurts the quarterly profit reports, you know.

Mod parent up!

[ext_880]

The part of this that bugs me is that email providers like Yahoo provide better authentication than, oh, RBC Financial Group does for their personal savings, etc accounts.

I would rather use an RSA-token secured VPN.

But that's just me.