I noticed someone is accessing my yahoo mail and sending dirty mail to my friends. When I informed this to my EDP section, the guy there told me that "someone" must have sent some email with trojan virus to me and when I opened it, the sender of the mail got my password. Please let me know if this is possible.
2006-06-22 21:36:53 · 3 answers · asked by tom 1 in Computers & Internet ➔ Security
you woulda had to save the trojan to ur PC and you would have had to have executed it before they could have remote access. that, or they had a fake "register your email blah blah" where they asked u to write your login with password and reply it back to the sender. thats an easy way, works everytime (almost) thats how oldschool hackers did it. other then that, no. the trojan thing is bogus. change ur password.
2006-06-22 21:39:05 · answer #1 · answered by Oh, Natey-O! 3 · 11⤊ 1⤋
A little about Passwords my friend....
.The key is not how complex you can make a password.
The key is how will an attacker defeat it.
So, a simple password is sufficient if the attacker will not have enough chances (statistically) to defeat it. This is easy to accomplish by having a time delay between authentication attempts or a lock-out period. But this is only sufficient if you have a person actively monitoring the authentication logs.
Example: Suppose you have a list of 10,000 common words. You take a random word, a digit (0-9) and another word, that will give you 10,000 x 10 x 10,000 possible combinations (1,000,000,000 or "one billion"). So, if you get 3 guesses before you're locked out for 15 minutes, then you can guess 12 passwords an hour ... 288 a day ... 864 over a 3 day weekend. Round that up to a thousand and it's still a "one chance in a million" to guess the password over 3 days of trying.
As long as there is someone reviewing the logs, the attempts will be noticed and actions can be taken before there is any real chance of your password being cracked.
And WordNumberWord is not that difficult to remember.
Now, this is NOT a good practice for passwords for encrypted files or anything else that can be cracked off-line.
You would #*^% your pants at what is possible!!!!!!
2006-06-22 21:49:11 · answer #2 · answered by DJ SANDMAN 2 · 0⤊ 0⤋
no, not at all, unless you reply him/her giving the password! Of course it is possible to steal passwords if you download some trojan/virus software by that email (sometimes this happens as soon as you open the email).
So Never open emails from people you dont know or from ids you are suspicious of.
Follow these simple dos and dont to keep your password secure.
http://www.colorado.edu/its/security/awareness/passwords/tipstricks.html
http://www.cit.cornell.edu/services/identity/password.html
2006-06-22 21:40:41 · answer #3 · answered by Prasant 2 · 0⤊ 0⤋