Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Is it really that easy to get someone's password?

It appears that someone has figured out the password to my
Myspace account and has logged in and sent e-mails from the account as well. I
have two questions: First is there any possible way to track down the person
who is doing this (mind you they did not change my password)? Is it really that
easy to obtain someone’s password on a site like this? I do not use a public
computer and change my password regularly.

There are a couple of things going on here. Yes, it’s possible that you got
hacked, but it’s also possible that you didn’t.

Become a Patron of Ask Leo! and go ad-free!

It’s quite possible that you didn’t get hacked. It’s quite possible that
someone is impersonating you in one way or another – this is a common practice
with email borne viruses and spam that could possibly apply to other mail
systems as well. (See my article
Someone’s sending from my email address! How do I stop them?!
for more
information on that scenario.)

The good news is that, no, it’s not that easy to get someone’s
password from such a site. Possible, perhaps, but typically very, very
difficult.

“Yes, it’s possible that you got hacked, but it’s also possible that you didn’t.”

More commonly, these kinds of exploits are the result of poor password
selection, so that someone can easily guess your password, or by trusting
someone you shouldn’t have with your password. And, as you already indicated,
public computers are also a possibility. For that matter, any computer you use
that someone else has access to could be a security risk if you allow it to
save your passwords for you.

Unfortunately once it happens, it’s nearly impossible for us “mere mortals”
to track down the culprit. It really depends on how the service, such
as Myspace, operates. It’s possible that they could track it down, but by that
I mean only that the technology might support it. Whether or not the service
keeps that information or even uses it is unknown. Even if they do, they are
probably not very willing to simply hand it out for claims like this. More
often than not, privacy concerns might require that laws have been broken, law
enforcement get involved, and perhaps even a court order be required to get the
information from the service.

My advice is to get in touch with the service’s support contact and see if
and how they might be able to help. My expectations, however, would be that
they won’t be able, or perhaps willing, to do much.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

6 comments on “Is it really that easy to get someone's password?”

  1. Most websites will offer you a technical support address that you can send these types of queries too.

    I’d suggest changing your password. Try using a combination of upper/lower case characters, numbers and symbols. for example:
    instead of “password”
    use
    “Pa55w0rd”

    MySpace is a fairly secure site so though its not likely that it was hacked i’d change your password just in case.

    Reply
  2. hi, i asked you is it possible to hack my old runescape account back an u didnt reply. anyway how long does it take to be able to read and program python??????

    Reply
  3. ok look on myspace i just made up a e-mail address cause everyone new mine. so when i click the forgot my password it wont send it to me! well someone figured it out and they changed my pass word. so now i can’t get in myspace. how do i find out my password?

    Reply
  4. I am not able to retrieve passwords. Period.

    Sorry.

    (I’m closing comments on this article becaus people insist on repeatedly asking that which I clearly state I cannot do.)

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.