You may have seen a new meme circulating on Facebook recently: “10 Concerts I’ve Been To, One is a Lie.” It’s pretty self-explanatory. You list 10 bands or artists, nine of which you have seen live, and it’s up to your friends to figure out which one you have not seen.

While the meme’s popularity has grown, many people have been a bit annoyed by it. But now there may be a new reason to hate. According to a New York Times report, privacy experts believe the list might be a way for hackers to figure out your passwords.

Many websites ask security questions at login. While not a staple of every login, many use “What was your first concert?” or some variation as an option. National Cyber Security Alliance executive director Michael Kaiser called the meme a “moderate security risk.”

Other security and privacy experts are quoted in the article with slightly varying opinions, but all of them agree that it’s best to stay away from these sorts of memes and quizzes that often come up on Facebook. Here’s how one expert, Alec Muffett, summed it up:

“The usual aphorism is: ‘Your password should be secret, but ‘secrets’ make really bad passwords’ — especially when they are just discoverable or guessable facts,” Mr. Muffett wrote.

Beyond password security, Kaiser said the bigger risk is the possibility of revealing personal information desirable to marketers and targeted advertising, which Facebook does all the time.

Here’s what Kaiser had to say, from the Times:

He said it is similar to users who take quizzes on Facebook. The answers can reveal specifics about a person’s upbringing, culture or other identifying details. “You are expressing things about you, maybe in more subtle ways than you might think,” he said.

So if annoying the people in your Facebook feed wasn’t enough to stop posting, now there’s some extra incentive to quit it.

