- [ ] Try To Recover Access ### Explanation The vast majority of social media platforms have some mechanism to restore your access (restore password) to the account even if you don’t remember your password or login. It could be based on: - sending a one-time code in SMS or email (showing part or the whole digital identifiers of a person: email address, phone number) - security (control) questions (which is an opportunity for hacking, since answers to questions can usually be extracted from public activity; but non-standard questions could contain some valuable information by themselves). Also, some social media platforms apply additional verification asking some data about account such as "what's your last name". ### Input - personal account - email address - phone number - additional information (answers to security questions or verification) ### Output - parts of phone number / email address - full name - photo - security questions ### Examples - [Martin Vigo: From email to phone number, a new OSINT approach](https://www.martinvigo.com/email2phonenumber/) - [Sarah Palin email hack](https://en.wikipedia.org/wiki/Sarah_Palin_email_hack) ### Tools - [email2phonenumber](https://github.com/martinvigo/email2phonenumber) - [holehe](https://github.com/megadose/holehe) ### Type - behavioural - technical ### Weakness - [[SOWEL-1. Having and Filling Account]]