Want to Read Your Friend's Mail?

I just realized that most people keep the same password for almost all their online accounts -- all their mail accounts, their blog account, their feed reader account etc. Hence you manage to get access to their password for any one of them and you immediately have access to all!

So that leaves us with the question of how to "get access to" any one of their passwords. Not the hardest thing in the world. Create a web site that allows people to share photos or does something else that's really useless but everyone using it thinks is uber-cool. Then you send your friend an email invitation asking him to create an account at this site and start sharing photos or whatever.

You then take the password that he saves for himself at this fake site of yours and you try it on all his mail accounts. I'd be willing to bet that it works on at least one of them! Presto! You're in. (One of the first the mails you'll see is the very invitation that you sent him!)

In case you're wondering how stupid someone would have to be to use a common password for everything -- only as stupid as someone who would click on a link in an email that says:

Hey hot_hands@aol.com,

Your friend Martha has invited you to join Zorpia, an online photo-sharing portal! Click here to join today!

Okay, that should just about wind up today's lesson in "Social Hacking". Tomorrow we get to the geekier stuff. I need to change my passwords now.

(In case creating a web site isn't "just-another-five-minute-task" for you, there already are web sites that do just this. But going DIY is always more fun.)