Privacy Redux

bo_knows said:
Personally, I don't post anything online that I wouldn't want a friend to know. Sure, I post finances on a lot of ER-type boards, but only some people think that's taboo.

I have Facebook and many other social media accounts, some repeat user ID's (shoot, part of my name is in my user ID).

I don't really have a problem with it, as I express myself as I would in a public forum in person.
Click to expand...

This is me. I've posted lots of personal information and yet, the greatest concern I have is someone stealing mail from my rural mailbox (now use a lockable one). I could spend a lot of time worrying about my cyber persona, but I'd rather just try to remember to only say stuff online I'd also say in person.

I also use Google 2-step verification and all that jazz. But really, how much time to I want to give over to paranoia? Your example of the law firm is one I don't have to worry about, either. What is the old saying "Don't do anything you don't want your grandmother reading about in the hometown paper!"
 
I don't know Sarah, for a lady who has what appears to be a snake around her neck you are perhaps a risk taker extraordinaire ? ;) :LOL:
 
Lsbcal said:
Are you referring here to the Passwords that we allow our browsers to keep track of?

To clarify this question, when I log into a site for the first time the browser comes up with a question something like "Do you want to save this password?". For key sites, I always ignore this.
Click to expand...

As do I (other than simple stuff that I don't care about - access to a news site or hobby site or whatever).

Question about Facebook (for anyone):

So far I've managed to get by w/o a Facebook account, but the whole family has a page of their own. How can I check to see that their privacy levels are restrictive enough?

I see that w/o an account, I can do a search for their names. Some appear, some do not. But w/o an account, I can't tell how much is publicly available. And if I log in with DW's account, they are already 'friends' so I could see everyone else anyhow.

Seems I'd need to set up a 'dummy' account, with no friends/connections, to see what a 'non-friend'/lurker/potential-bad-guy could see on their sites? Is there an easier way?

TIA - ERD50
 
ERD50 said:
As do I (other than simple stuff that I don't care about - access to a news site or hobby site or whatever).

Question about Facebook (for anyone):

So far I've managed to get by w/o a Facebook account, but the whole family has a page of their own. How can I check to see that their privacy levels are restrictive enough?

I see that w/o an account, I can do a search for their names. Some appear, some do not. But w/o an account, I can't tell how much is publicly available. And if I log in with DW's account, they are already 'friends' so I could see everyone else anyhow.

Seems I'd need to set up a 'dummy' account, with no friends/connections, to see what a 'non-friend'/lurker/potential-bad-guy could see on their sites? Is there an easier way?

TIA - ERD50
Click to expand...

Set up the dummy account. It is easy.

Or you can go to your DW's timeline page, and use the "view as" to see what the public sees.
 
ERD50 said:
Question about Facebook (for anyone):

So far I've managed to get by w/o a Facebook account, but the whole family has a page of their own. How can I check to see that their privacy levels are restrictive enough?

I see that w/o an account, I can do a search for their names. Some appear, some do not. But w/o an account, I can't tell how much is publicly available. And if I log in with DW's account, they are already 'friends' so I could see everyone else anyhow.

Seems I'd need to set up a 'dummy' account, with no friends/connections, to see what a 'non-friend'/lurker/potential-bad-guy could see on their sites? Is there an easier way?

TIA - ERD50
Click to expand...

I don't know if there is an easier way but this might help:

https://windowssecrets.com/top-story/a-refresher-course-on-facebook-privacy-controls/

The big question is, however, why don't you have a Facebook account? What are you afraid of?
 
Lsbcal said:
I don't know Sarah, for a lady who has what appears to be a snake around her neck you are perhaps a risk taker extraordinaire ? ;) :LOL:
Click to expand...

Well, it was a BABY anaconda! :D

ERD, use the view as feature, as someone else suggested. That will help you see the page as the public sees it.
 
KingB said:
Set up the dummy account. It is easy.

Or you can go to your DW's timeline page, and use the "view as" to see what the public sees.
Click to expand...

Sarah in SC said:
ERD, use the view as feature, as someone else suggested. That will help you see the page as the public sees it.
Click to expand...

Thanks, the 'view as' was super-simple, and just what I wanted. DW had a few old postings showing, no big deal, but I would just as soon nothing be view-able outside her contacts.

DD had a bunch view-able - I will be reviewing this with her. Will pass it on to the other kids/family.


RonBoyd said:
I don't know if there is an easier way but this might help:

https://windowssecrets.com/top-story/a-refresher-course-on-facebook-privacy-controls/

The big question is, however, why don't you have a Facebook account? What are you afraid of?
Click to expand...

Thanks, that looks good also.

Not a big question, I just haven't bothered until I see a real need. I'm not paranoid about this stuff, but I also can't see the advantage of putting stuff out there w/o a need. Stuff happens. One more PW to keep, etc.

DW's did get hacked a while back. Someone posted as her that she was in trouble and needed money wired somewhere. Some of her friends thought it was legit (though no one sent money, or at least admitted it). She had a weak password (common word and three numbers), we fixed that.

So I'm concerned, but not 'afraid'.

Thanks to everyone for the tips!


-ERD50
 
Also, I thought I'd pass this along, I've been using this site (the free version) to set up my passwords across a number of computers and really like it thus far.
https://lastpass.com/

Might be worth a look. I first learned about them on CNET.
 
Sarah in SC said:
Also, I thought I'd pass this along, I've been using this site (the free version) to set up my passwords across a number of computers and really like it thus far.
https://lastpass.com/

Might be worth a look. I first learned about them on CNET.
Click to expand...
Maybe I should try this for my non-financial sites.

Do you see any "cons" in using lastpass?
 
Lsbcal said:
Maybe I should try this for my non-financial sites.

Do you see any "cons" in using lastpass?
Click to expand...

Well, there are some sites that use a "pop up" for filling in your info, and those don't work so well with it. But what I really like is the "generate password" feature to create unique passwords for sites.
 
Lsbcal said:
Are you referring here to the Passwords that we allow our browsers to keep track of?

To clarify this question, when I log into a site for the first time the browser comes up with a question something like "Do you want to save this password?". For key sites, I always ignore this.

Also another question: Wouldn't the bad guy have to get access to my computer? He has to login with my password I think. If the password is strong how does he get that? He could try to get in through my Firewall I suppose. I try to have decent wi-fi security.

Re

I appreciate your bringing up security issues Imoldernu. Now I need to know the details. :)
Click to expand...

This is a link to the System Information for Windows... (SIW) When you get to the site, don't click on the BIG download button, but click on one of the download locations... that will bring you to a second page and the download will begin automatically.

|MG| SIW (System Info) 2011.10.29i Download

I highly recommend this program as it provides information about your computer that isn't available anywhere without knowing DOS. I'd almost guarantee that once you run the program, and go to the "Passwords" information that you'll be amazed at what you see.

One doesn't have to be a geek, to be interested in much of the information that will be at your fingertips.

Using a login password for a laptop is really important. On my home computers, I use automatic login... 'cuz I trust DW.

I'd guess that the riskiest password is the one to your email. The 2 step verification for Gmail is good protection, but for our three computers, which we use interchangeably and of necessity, synchronize, the verification process is virtually impossible. I change the email password often.... Drives my bride crazy.

Re: the "Save this password? message... I can't say... seems like the password come up anyway..., based on the cookie.

Re "the bad guy"... he doesn't have to be anywhere near your computer if he has you Email Password. The more encrypted, the better.

RE Thumb drive passwords... fine, as long as you have the drive with you. Will look at lastpass....
BTW, am not really good at this stuff... have just seen enough misery when security is breached.
 
Last edited:
Lsbcal said:
Do you see any "cons" in using lastpass?/QUOTE]

I have used LastPass for quite some time now (Year plus?). Read their Security document. Their Specs are much more strict than any protections mentioned so far in this thread (particularly the "manual" fixes) . Your data does not leave your machine (or shared machines with your permission) and even then it is encrypted with State-of-the-Art technology.

The only "Con" I can find is it takes up a lot of memory (for some reason) and asks to add data at every new site I visit (which is a considerable number). I merely disable it and then re-enable (with an Icon click) when I want to "remember" a Username/password for a particular location.
Click to expand...
 
imoldernu said:
...(snip)...
I'd guess that the riskiest password is the one to your email. The 2 step verification for Gmail is good protection, but for our three computers, which we use interchangeably and of necessity, synchronize, the verification process is virtually impossible. I change the email password often.... Drives my bride crazy.

Re: the "Save this password? message... I can't say... seems like the password come up anyway..., based on the cookie.

Re "the bad guy"... he doesn't have to be anywhere near your computer if he has you Email Password. The more encrypted, the better.

RE Thumb drive passwords... fine, as long as you have the drive with you. Will look at lastpass....
BTW, am not really good at this stuff... have just seen enough misery when security is breached.
Click to expand...
Hi Imoldernu, I'm still trying to make sure I understand your concern. Suppose I have a strong password to get into my computer. So I logon with that. When I bring up a browser like Firefox the email password might be stored by the browser if I have allowed it to in the past. So if I have to logon to my Yahoo mail, the password will be filled in with "*****" showing. If I do not give the browser that permission when it asks, then I'd be doing it by hand manually (there would be no auto-fillin of the password).

Supposing I did give it that permission, I am guessing that the SIW program you mentioned is reading this browser stored password. For a bad guy to get into that he would have to (1) get access to my system as administrator, (2) install a password reading program like SIW, and (3) hope that I did store the Yahoo password in my browser.

If I am right on these points then there are multiple levels of defense that a user has:
1) have a strong password for your computer access
2) have decent wi-fi protection and good security against unauthorized use of your keyboard ;)
3) do not have the email password stored automatically, instead enter it manually

Does this sound reasonable?
 
Sarah in SC said:
This is me. I've posted lots of personal information and yet, the greatest concern I have is someone stealing mail from my rural mailbox (now use a lockable one). I could spend a lot of time worrying about my cyber persona, but I'd rather just try to remember to only say stuff online I'd also say in person.

I also use Google 2-step verification and all that jazz. But really, how much time to I want to give over to paranoia? Your example of the law firm is one I don't have to worry about, either. What is the old saying "Don't do anything you don't want your grandmother reading about in the hometown paper!"
Click to expand...

And make sure your postman actually puts it in the mailbox! Twice now in the past year on my walking path I have come across mail in the streets that the walking mailman has dropped. Once there were 8 envelopes all ran over various times by cars. I took on the roll of postman and walked back up the hill and delivered them. Two of them were checks and they were happy I delivered them.
 
Mulligan said:
And make sure your postman actually puts it in the mailbox! Twice now in the past year on my walking path I have come across mail in the streets that the walking mailman has dropped. Once there were 8 envelopes all ran over various times by cars. I took on the roll of postman and walked back up the hill and delivered them. Two of them were checks and they were happy I delivered them.
Click to expand...
When I found some mail in our street, it was because someone had taken the stuff out of mailboxes and left what he didn't steal. Turned it into the postman but there is little they can do to follow these incidents up. The best thing one can do is to pick up their mail before nightfall, assuming they don't lock their mailbox.
 
I gave up being concerned about privacy in 1975 after I experienced my first visit to a gynecologist.
 
Sarah in SC said:
Also, I thought I'd pass this along, I've been using this site (the free version) to set up my passwords across a number of computers and really like it thus far.
https://lastpass.com/

Might be worth a look. I first learned about them on CNET.
Click to expand...

DD has used lastpass for years and loves it. She even pays an annual fee to use it on her iPad and iPhone.

DD is an IT security expert and worked at IBM on improving their AIX (Unix based) operating system to make it secure enough to pass the Sarbanes Oxley requirements a few years back. (in other words, I trust her judgement in this area).
 
imoldernu said:
The first is a little tricky... go to the DOS prompt (Run) and type in "keymgr.dll"
locate the site, and right click for "properties"

Another way is to load SIW (System Information Windows) open anf go to "Passwords" All of the stored URL's, user names, and passwords are listed.
Click to expand...

keymgr.dll is not what you run, from a DOS prompt you can type

rundll32.exe keymgr.dll,KRShowKeyMgr

or you can type "control userpasswords2" , both just open the console for user administration. Standard admin tool, it doesn't show any passwords.

SIW doesn't show anything more than what is stored in the registry, just easier to read. System/user passwords are not shown, just those stored by IE/outlook, which can be found easily. I allways tell people to never allow the browser to store passwords.
 
rbmrtn said:
...(snip)...
SIW doesn't show anything more than what is stored in the registry, just easier to read. System/user passwords are not shown, just those stored by IE/outlook, which can be found easily. I allways tell people to never allow the browser to store passwords.
Click to expand...
Does that follow for Firefox too on a secure computer?

I notice that financial sites do not get the offer to store the password. Is that because they have chosen to turn off this feature?

And a last question: suppose one did have a password already stored (password #1). I'd imagine one could just change that password and do the store again (password #2). Then change it back to their original password #1 but not allow agree to store that password this time. Does that basically get rid of the password #1 storage mistake?
 
Firefox has its own password manager, Password manager - Remember, delete and change saved passwords in Firefox | Firefox Help

I think how the page coding is done handles this ( been a while since I played with html ) but there was something like "autocomplete=off" which told the browser to not prompt for passwords

That will probably work, you basically have to trick it into redoing the password. One of those odd quirks, you save the password but no direct way to change it.
 
rbmrtn said:
Firefox has its own password manager, Password manager - Remember, delete and change saved passwords in Firefox | Firefox Help

I think how the page coding is done handles this ( been a while since I played with html ) but there was something like "autocomplete=off" which told the browser to not prompt for passwords

That will probably work, you basically have to trick it into redoing the password. One of those odd quirks, you save the password but no direct way to change it.
Click to expand...
Thanks! This is really useful info for me. I'm going to review my password policy. Firefox password manager will show my passwords if I ask it to. So the passwords there are only as good as my computer logon security. Oops. Changes are needed on some things.

For financial sites I do it the old fashioned way, from memory and always manually from the keyboard. I'm sure the intelligence services would defeat my system but not the average hackers out there ;). Also I'd recommend separating out one's standard email from critical money oriented email's.
 
Last edited:
And for anyone considering a locking mailbox, I bought mine at Home Depot for $40, it is the Gibralter Mailsafe and is a well made box. Obviously, a very determined thief could dismantle the box and carry it away, but the lock (I hope) sends a more casual thief to the next box down from mine!
 
You must log in or register to reply here.

Similar threads

S
Wow - complete disregard for decedent
3 4 5
Replies
112
Views
8K
ivinsfan
ivinsfan
Chuckanut
Safe Driving Class
Replies
12
Views
378
audreyh1
audreyh1
FlaGator
Direct Marketing Incompetence – A Vexing Problem
2
Replies
35
Views
922
athena53
athena53
T
What's Your "Good Deed"?
Replies
12
Views
598
TickTock
T
Midpack
We've Been Using Apple Pay The Hard Way For More Than A Year!
Replies
14
Views
521
rk911
rk911

Latest posts

Back
Top Bottom