Regarding my previous post on how Palin’s email was broken into, it turns out I was dead on. Security questions are just a bad idea.

Alaska Governor and VP nominee Sara Palin’s yahoo account has been compromised, evidently by the group “anonymous“. (Is her fantasy football team okay?) I’m going to go out on a limb now and make en educated guess on how this happened. Chances are they won’t reveal how it actually occurred, but given the situation and given what I know about Yahoo email accounts, I’m fairly certain I know how it happened. Yahoo employs “security questions” if you forget your password. In the past you had to know a person’s zip code, birth date, and the answer to one “security” question to reset an account password. As of when I checked just now the procedure has changed to be just a security question. The problem for someone like Palin is that in the last month or so, every fact about her life has become public. It would be trivial to find out her zip code, birth date, and just about everything else about her that could be used as a security question. This makes it easy for a hacker to use this “security feature” to gain access to the account.

The truth is, all of those “forgot my password”links are usually great ways for hackers to break into accounts.