Medical Biophysics Graduate Student Association

MBPGSA Blog

Updates, opinion pieces, and news related to the department

Online Vulnerability: Risky Usernames?

[Photo credit: glenn.mcknight]

Internet users beware. Did you know that by using similar usernames for several online accounts and subscriptions you could be making yourself the target of unscrupulous marketers and online scammers? A recent CBC news article outlines how reusing our usernames for social or business accounts may be facilitating the creation of online profiles and increasing your vulnerability to online scammers.

According to Daniele Perito, one of the researchers at the French National Institute of Computer Science conducting a study on online privacy, online users tend to reuse usernames to their own detriment, “We looked into the uniqueness of the usernames that people use online. We found that people tend to reuse the usernames a lot, and tend to choose extremely identifying usernames for their online activity, which can pose privacy risks.”

The research group created an online tool that people can use to check how unique their usernames are, and whether similar usernames can be linked to the same person.

Seeing is believing, right? That’s why I decided to try this tool myself. I went to the website and found that it’s not working properly as I received the following message no matter what usernames I wrote down: “Connection fail: 111 Connection refused

Your username has an "entropy" (specifically, Information Surprisal) of 0 bits. Based on our estimations, your username appears non identifying on the Internet. However, it is identifying in a population of 1 people”

The website seems to be down at the time this blog post was written but hopefully whatever is wrong with it will be fixed soon because I am really interested in finding out whether the usernames I use with most frequency such as dmerino or diana.merino) are linkable and posing a risk to my privacy online.

When it comes to choosing usernames I am quite pragmatic, I like to have one academically related username and a non-academically related one. But now that I am aware that this may create a threat to my online privacy, I am confronted to forget my pragmatic ways and choose completely unrelated usernames. How does little_house_on_the_prairie_035 sound to you? (It took me more than 15 seconds to write all that down!)

And to think that creating nonsensical and impossible-to-remember passwords was enough to keep us safe from online scammers…

--

Editor's notes: Is your password too common? Find out here (Did Your Password Make The List?) , in the top 30 most used passwords - Samuel Oduneye

Blog, NewsDianaM