March 7, 2009

To be on the other side..

We all tend to think that we are the most normal person around.. according to us we are neither too bad or too good.
There is a small joke based on this

"Have you ever noticed that the ones who are driving slower than you is an idiot and those who are faster are maniacs?"

We dont expect bad or unnatural to happen to us.. those are for the other unfortunate people around us.
That was what I always thought when I heard about other people's online accounts getting hacked. More than once had I seen my friends change their google or orkut accounts after getting hacked.
It could never happen to me. Im always cautions and will never do stupid things.

That was my thought. But it all changed last week.
After college I went out with one of my friends to buy something.. a book or something. I usually use my mobile to check my email.So that day while waiting for the bus back, I saw an email from a site called SocialSpark asking me to approve a comment I got for my blog post. I had registered to a great lot of blog directories and promtion sites and thought it was one of those..actually.. i think i never gave it a second thought.
So I went to the link the had send which asked me to sign in. I should have stopped right there, but i dont really know how i got that stupid and gave my email address and password. It only struck me when i had clicked on the sign in button, but that was it - the page just refreshed and I felt like a lightning bolt had just struck me.
While on the bus, I tried to access my accound through my mobile which I was able to do for some time because of the cache saved on my phone or something. And I tried to change the password, hoping that the the hackers had not employed an automated password reset mechanism. If they hadnt employed one, it would definitly buy me time. But infact they had and i couldnt access my account after a while. It was one of the most terrible moments of my life. My Google account gone.. along with it all my contacts and other accounts including orkut, blogger, paypal, ebay etc.
The fact that i was in the bus and had no means of getting a computer at that moment was like more nails to the coffin. I tried to contact my brother and asked him to do something, but he too could not be free for a while. I had lost all hope and as a last resort called my mother back home and asked her to try logging into my account giving her my old useless password. But she too couldnt and by that time we had reached the stop. As soon as I got down from the bus, I ran to the nearby cafe.
I went to the Google Accounts Help and from there I used the reset your password option to reset my password. The activation link would be sent to my alternate email address. To be frank, it was at that moment that I really understood the importance of the alternate email.
They sent the link to my yahoo mail address and i got my good old google account back.
But somethings still bothers me. Why isnt Google using an image verification option for changing our password? I am sure that after getting my password, it was changed by automatic means and if they had used an image verification, the bots wouldnt be able to reset it. And another thing is that, it was such an easy method to get your accound back, but then why are so many people getting a new account after getting hacked?
Another important thing is that by losing our google account we lose a lot more than just a few contacts or detail, since Google own a lot of other sites that we use like Orkut, Blogger, Picasa, Youtube etc we lose them all. This shows how much we are dependent on a single company called Google.


Deepika gupta said...

Hey great post dear... I too never think before leaving my password here and there.. :(
i need to take care of it.. Nice one!

K said...

I like your blog a lot and have to admit I myself never think twice before giving away my passwords - unless I'm warned by the antivirus

AMAL BOSE B.S said...

@ Deepika and K
thank you guys..
n i guess im not alone in this, right?? ;)

Sriram said...

Hey great post! I have two google accounts and losing any one of them would be a nightmare since my picasa, orkut, blogger, youtube etc accounts would automatically be jeopardised. I can imagine how you would've felt!

Nice cartoon too at the close :)

PS: You're in CET? I haven't met any blogger from our college.. I'm in first year AE :)

scheng said...

Horrible experience, thanks for sharing, I will be more careful in the future.

amalbose said...

thanks.. and yes im from CET. EEE 3rd year.
i was infact looking for another CETian blogger for a while now..
thanks and keep visiting.. :)

IndianPie said...

Great post and I totally agree to what you pointed in the end that google must use image verification methods for password change.