As we explained in the the second technique, many people use the same password at different places so, if we can find one them it will be easy to try it in other sites.
Passwords stored at the ISP might be more easy to find than in other sites, depending on the ISP used. Some of them don’t care too much for security or have employees who can be tricked with social engineering. It’s a shame that people who should be really conscious about security are sometimes the least informed.
A lot of times a single telephone call can be used to retrieve the password. If this doesn’t work and we know some advanced security we can try to find some bugs at ISP’s site, which sometimes are not as secure as they should be.
For us, as users, it’s quite difficult to defend from this type of attacks, as we must trust the ISP and its security. The only thing we can do is try to get information about past security incidents at the ISP, although this can prove difficult, as they don’t usually publish this kind of information. Luckily, every day ISPs give more importance to security so it’s more difficult to accomplish this attacks.
1 Response to “How to get a Hotmail password (V): Passwords stored at ISP”