|
|
08-25-2014, 01:38 PM
|
#41
|
Thinks s/he gets paid by the post
Join Date: Mar 2010
Location: Kerrville,Tx
Posts: 3,361
|
Quote:
Originally Posted by veremchuka
I use KeePass for userids, passwords and security questions. I never use the same userid (unless they require my email address which I hate), password or answer to a security question.
What hospital were you born in?
Blue2 4X treecorn
What is you mother's maiden name?
66 excavator 18T
What was your 1st pet's name?
Altogether42 airplane 29$$
No problems with those security questions here.
|
Actually if folks read obituaries you find that if your mother has passed on it is likley that her maiden name is in the obituary, along with your name as a child and the town you live in. This does suggest that mothers maiden name for more mature folks is a very poor security question, until obituaries are written to avoid stating the childrens home towns. Better say the maternal grandmothers maiden name, as that takes a lot more tracing back, and assumes folks have not changed cities in the interim.
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
08-25-2014, 01:44 PM
|
#42
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Apr 2013
Posts: 11,078
|
Quote:
Originally Posted by meierlde
Actually if folks read obituaries you find that if your mother has passed on it is likley that her maiden name is in the obituary, along with your name as a child and the town you live in. This does suggest that mothers maiden name for more mature folks is a very poor security question, until obituaries are written to avoid stating the childrens home towns. Better say the maternal grandmothers maiden name, as that takes a lot more tracing back, and assumes folks have not changed cities in the interim.
|
Very true.
I just misspell my mother's maiden name. Misspelling comes naturally to me.
Sent from my SAMSUNG-SGH-I337 using Early Retirement Forum mobile app
|
|
|
09-08-2014, 04:20 AM
|
#43
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2007
Location: Denver, Colorado
Posts: 6,258
|
FWIW, here is a free password generator worth considering:
Master Password: Off-Line Password Generator & Vault
__________________
"It's tough to make predictions, especially when it involves the future." ~Attributed to many
"In theory, there is no difference between theory and practice. But, in practice, there is." ~(perhaps by) Yogi Berra
"Those who have knowledge, don't predict. Those who predict, don't have knowledge."~ Lau tzu
|
|
|
09-08-2014, 06:30 AM
|
#44
|
Recycles dryer sheets
Join Date: Jun 2011
Location: Broomfield
Posts: 90
|
I'll never complain or be annoyed again about the security, challenge questions/passwords. It apparently is what prevented me from potential harm last week. My credit union called and said someone called in and had my account number AND my SSN! They were trying to do a wire transfer. They didn't have my call-in password and apparently didn't know my first pet's name (or the other questions either). This is what raised the red flag, and also started a flurry of activity on my part. Had to close my old and re-open a new account which was linked to several sub-accounts (checking, savings, visa, HELOC) which of course my wife was joint on. Notify the credit bureaus and put a fraud alert out there, file an affidavit with the IRS, and the most time-consuming was re-setting up all the auto payments and direct deposits. The $10/month id theft service I have was very helpful in both initiating things for me, and giving me all the information I needed to do stuff that had to be done only by me. I won't complain about that $10/month again either!
So, I'm now as diligent about the answers to those security questions as I am about my passwords themselves. There's still at least one bad guy out there with my SSN! Lots of good ideas in this thread too. Thanks everyone.
|
|
|
09-09-2014, 09:32 AM
|
#45
|
Moderator
Join Date: Oct 2010
Posts: 10,723
|
I'm a paid LastPass user (so can use it on my phone). I also printed-out a one-time password list and carry that in my wallet (just looks like jibberish).
And like many, I make-up answers to the security questions using a "rule". The problem is that if a site is compromised and someone sees the answers to my security questions, that can be leveraged on a different site.
Only marginally related, but here's a cool password related link: https://www.grc.com/haystack.htm
Quote:
password: yRDrATI4c!ng
Massive Cracking Array Scenario: (Assuming one hundred trillion guesses per second)1.74 centuries
|
|
|
|
09-09-2014, 09:44 AM
|
#46
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,263
|
Quote:
Originally Posted by sengsational
|
Steve Gibson is one of the saner voices in this entire computer security mess.
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
09-09-2014, 10:40 AM
|
#47
|
Moderator
Join Date: Oct 2010
Posts: 10,723
|
Quote:
Originally Posted by Chuckanut
Steve Gibson is one of the saner voices in this entire computer security mess.
|
I got to listening to a bunch of netcasts back when I had a lot of commute hours to fill. Now, not having to fill-up drive-time, I gave-up almost all of them. But I still listen to Security Now (and sometimes Freakonomics Radio).
|
|
|
09-09-2014, 01:40 PM
|
#48
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,263
|
You've got to wonder why some lawyer hasn't jumped on this
Quote:
KrebsOnSecurity also heard from an employee at a much larger bank on the West Coast that lost more than $300,000 in two hours today to PIN fraud on multiple debit cards that had all been used recently at Home Depot. The manager said the bad guys called the customer service folks at the bank and provided the last four of each cardholder’s Social Security number, date of birth, and the expiration date on the card. And, as with the bank in New England, that was enough information for the bank to reset the customer’s PIN.
|
Amazing. And very sad.
http://krebsonsecurity.com/2014/09/i...it-card-fraud/
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
09-09-2014, 01:41 PM
|
#49
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 17,263
|
Quote:
Originally Posted by sengsational
I got to listening to a bunch of netcasts back when I had a lot of commute hours to fill. Now, not having to fill-up drive-time, I gave-up almost all of them. But I still listen to Security Now (and sometimes Freakonomics Radio).
|
Leo and his various hosts and guests are among the best.
__________________
Comparison is the thief of joy
The worst decisions are usually made in times of anger and impatience.
|
|
|
09-10-2014, 07:43 PM
|
#50
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2006
Posts: 12,880
|
Quote:
Originally Posted by sengsational
I also printed-out a one-time password list and carry that in my wallet (just looks like jibberish).
|
I'm not understanding that. Can you explain?
__________________
Al
|
|
|
09-11-2014, 05:22 AM
|
#51
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2007
Location: Denver, Colorado
Posts: 6,258
|
Hmmmm... maybe an e-mail with a newly-generated passcode each time one logs in will appease the truly paranoid:
https://www.dropboxatwork.com/2014/0...-verification/
__________________
"It's tough to make predictions, especially when it involves the future." ~Attributed to many
"In theory, there is no difference between theory and practice. But, in practice, there is." ~(perhaps by) Yogi Berra
"Those who have knowledge, don't predict. Those who predict, don't have knowledge."~ Lau tzu
|
|
|
09-11-2014, 09:02 AM
|
#52
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jan 2007
Location: Independence
Posts: 7,298
|
Quote:
Originally Posted by psweath
I'll never complain or be annoyed again about the security, challenge questions/passwords. It apparently is what prevented me from potential harm last week. My credit union called and said someone called in and had my account number AND my SSN! They were trying to do a wire transfer. They didn't have my call-in password and apparently didn't know my first pet's name (or the other questions either). This is what raised the red flag, and also started a flurry of activity on my part. Had to close my old and re-open a new account which was linked to several sub-accounts (checking, savings, visa, HELOC) which of course my wife was joint on. Notify the credit bureaus and put a fraud alert out there, file an affidavit with the IRS, and the most time-consuming was re-setting up all the auto payments and direct deposits. The $10/month id theft service I have was very helpful in both initiating things for me, and giving me all the information I needed to do stuff that had to be done only by me. I won't complain about that $10/month again either!
So, I'm now as diligent about the answers to those security questions as I am about my passwords themselves. There's still at least one bad guy out there with my SSN! Lots of good ideas in this thread too. Thanks everyone.
|
Hmm. My gal would suggest her causation theory and wonder if you had NOT had a $10/month id theft service if you wouldn't have avoided the id theft. Same theory suggests that virii are fostered by anti-virus programs. Maybe your id theft service neatly filtered for people whose id was worth stealing. See also: McAfee Anti-virus and John McAfee, pillar of virtue.
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|