Is changing passwords for a hacked webservice a guaranteed way to reclaim a user’s account?

Dr.sunil V May 29, 2014

Is changing passwords for a hacked webservice a guaranteed way to reclaim a user’s account?

  1. Oron J
    May 30, 2014 at 10:00 am

    No. Resetting the password on its own gives your control over the account again, but the hacker could have already noted down your additional security information (date of birth etc and security questions), and may well pretend to have "forgotten the password" and regain access to it again.
    The information could also be used to help gain access to other accounts, so hacking one account is really just the start of a long journey... If you want to truly protect your account, you should:

    1. Change some of your security information and
    2. Set up two factor authentication, which will prevent the hacker from logging on even if they have all your details.
    • Drsunil V
      May 30, 2014 at 4:39 pm

      Thanks. Please tell , whether two factor authentication is page specific or can be done for any registered page. If for any page, is authentication same for every page?

    • Bruce E
      May 30, 2014 at 8:14 pm

      Two factor authentication can only be performed on those sites that support it and not all sites do. The second factor is frequently a code that is sent vis SMS to your mobile phone. it is unique to that particular site at that particular time for that particular user. Codes expire immediately after their use or after a predetermined amount of time (normally 10 minutes or less), whichever happens first.

    • Dr.sunil V
      June 11, 2014 at 5:11 pm

      I understand

  2. Drsunil V
    May 30, 2014 at 4:20 am

    Is it true that delay in resetting increases chances of user information hacked?

  3. dragonmouth
    May 30, 2014 at 12:27 am

    The only thing that guarantees is that the password is changed. You still don't know what information the hacker(s) got.

    • Drsunil V
      May 30, 2014 at 4:39 pm

      thanks. true

Ads by Google