Wednesday, January 17, 2007

Google Password Strength? Sucks!

I'm a big Internet security nut. I love pitching security clients and digging up new trends on botnets, IRC chat rooms, keylogging, spam, phishing, Man in the Middle attacks and hearing about how teenagers are hacking into our nation's biggest companies. I often wondered about why threats keep growing more severe. Are hackers ahead of the game or are security vendors lagging? That is the question that often comes up.

I think I know why. When I was signing up for this blog, I also needed a Google account. But as I typed in my desired password, the strength of my password was revealed. As I mixed in letters, caps and numbers into my password, I got the desired "strong" password rating.

Don't worry. It gets better. The security question in case you forget your password is a choice of library card number, frequent flyer account number, first phone number or first teacher’s name. I honestly don't remember any of those...

If this is suppose to make me confident in using Gmail or Blogger? No wonder hackers are laughing as they collect money using free online phishing kits.

No comments: