Thursday, March 26, 2009

How to save your orkut account from getting hacked

i am with a guide on how to save your orkut account from getting hacked. For this lets go through the login security system used by Google for its application like orkut.

Google uses a 4 Level Orkut login which makes it difficult to hack using brute force method.
1st Level Security-SSL or 128 bit secured connection
2nd Level Google account checks for cookie in the sytem of user
3rd Level Google provides a redirection to the entered User information
4th Level Google doesn't use conventional php/aspx/asp coding so impossible to attack using input validation attack!!


It is not an easy task to break this security! But still some people manages to get access to other accounts. The question concerned is How they do it? Many of them just use simple tricks that be fool users and then they them self leak out their password. Here are some points you need to take care of, to prevent your Orkut account being hacked!

Phishing Attack is the most popular way of stealing other's password. Popular by the name of fake login (among those who knows it!!) the users land on a page where they are asked for their login information and they enter their username and password thinking it to be a real page but actually it is other way round. It submits all the details entered to the programmer or the coder.

Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm= 22910233 OKRUT not ORKUT. Clicking on this link will take you to a fake login page and there you loose up your password.


Orkut New Features: I have come across a page that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When user submit the page, there goes his ID and password mailed to the coder.

Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it.

Primary mail address: If by some means a hacker came to know password of your email address, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on 'forget password'.This way Google will send link to the already hacked primary email id to change the password of the Orkut account. Hence the email hacker will change your Orkut account's password. Hence your Orkut account hacked too.

So a better thing would be to keep a very unknown or useless email id of yours as primary email id so that if the hacker clicks on 'Forgot password' the password changing link goes to an unknown email id i.e. not known to the hacker.

These are the some of the methods which can alarm you about the possibility of account hacking. So its better to play safe.

one more thing when ever you felt unsecure just change your password as soon as possible
By:- Ronik

No comments:

Post a Comment