Sarah Palin's webmail hack reveals vulnerability

In an interview by Ted Bridis, the anonymous individual (who hacked Sarah Palin’s webmail account) admits to having obtained access to the name of Gov. Palin's Yahoo account through public sources. Most likely, it was the Washington Post that publicly disclosed the account's name. As the source went on to say, although guessing the Governor's password might have […]

In an interview by Ted Bridis, the anonymous individual (who hacked Sarah Palin’s webmail account) admits to having obtained access to the name of Gov. Palin's Yahoo account through public sources. Most likely, it was the Washington Post that publicly disclosed the account's name.

As the source went on to say, although guessing the Governor's password might have been a difficult matter, he didn't have to go that far. Yahoo lets an individual change his password if he claims to have forgotten it, and if he can answer a single “challenge question.” When someone needs to retrieve his lost Yahoo e-mail password, he gets a challenge question like this one. But is this the kind of question that anyone who knows this person can easily answer?

While Yahoo does employ an alphanumeric graphic pattern of random, distorted characters -- such as "sG3e0&" -- to disable automatic scripts from being able to hack into the system, the single challenge question could very well be, in the case of a very public figure, another fact that may end up in the public domain. In this case, the source said, the question was where the account holder first met her sweetheart? The answer was known to anyone who saw Gov. Palin's recent interview with ABC News: Wasilla High School.

Source:→ BetaNews