Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Tablet devoted solely to financial programs
Old 09-03-2019, 08:01 PM   #1
Recycles dryer sheets
 
Join Date: Apr 2013
Location: Beach and Mountain
Posts: 458
Tablet devoted solely to financial programs

My email was hacked recently. I suffered no loss, but it was a pain as they used my email to tell various financial websites that I "forgot" my use id then my password. They got into paypal, and purchased some electronic gift cards. $88 worth but paypal reversed them. They tried to get into my H.S.A. but were unsuccessful. At that point I changed every password and ratcheted up on my security. The 2 step verification stopped them good. What I mean is that when they logon for the first time from a new device, the financial company sends a code to my cell phone. This thwarted much of their efforts.

Anyhow, yesterday we purchased a tablet we are devoting just to bank, H.S.A., brokerage, IRA, etc. We also set up a new google account and email just for this purpose. We will do nothing on this tablet but finances.

Email address of record for all of our accounts is now this new gmail account. Passwords are written down in a secure location as well as stored on this device.

Many more little details that I won't bother you with. But has anyone done this and were you happy with the results?

Maybe this should be in Fire and Money?
__________________

Z3Dreamer is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 09-03-2019, 10:40 PM   #2
Full time employment: Posting here.
 
Join Date: Jun 2017
Location: Chicagoland
Posts: 775
IMO, a separate device is not going to make a difference. Your problem was weak security - which you've partially solved. I think two-factor authentication and strong passwords should take care of your problem.

I use a password generator (Bitwarden). For my bank, brokerage, credit cards, and any other financial sites, I generate 20-character long passwords made up of letters, numbers, and special characters that would take some serious effort to break.

When I'm out, I also try to use Apple Pay instead of my credit cards so that my card number is not exposed.

EDIT: Passwords are written down in a secure location as well as stored on this device.
I forgot to mention that I think this is not a good idea, especially storing them on your device.
__________________

CoolRich59 is offline   Reply With Quote
Old 09-04-2019, 04:30 AM   #3
Administrator
Alan's Avatar
 
Join Date: Jul 2005
Location: Eee ba gum
Posts: 24,680
The only thing I would add to the changes the OP has made is to be sure to turn on 2 factor authentication on the new GMail account. My GMail account uses Google Authenticator, and is needed the first time I access my email account from a new device. Authenticators are better than codes to a cell phone because SIM cards can be spoofed without access to the physical card or phone.

https://www.vice.com/en_us/article/v...tagram-bitcoin
__________________
Retired in Jan, 2010 at 55, moved to England in May 2016
Enough private pension and SS income to cover all needs
Alan is online now   Reply With Quote
Old 09-04-2019, 05:50 AM   #4
Recycles dryer sheets
atmsmshr's Avatar
 
Join Date: Mar 2016
Location: An island off the coast of Florida. (Ok - if you really need to know it's Vero Beach)
Posts: 290
Quote:
Originally Posted by Z3Dreamer View Post
My email was hacked recently. I suffered no loss, but it was a pain as they used my email to tell various financial websites that I "forgot" my use id then my password. They got into paypal, and purchased some electronic gift cards. $88 worth but paypal reversed them. They tried to get into my H.S.A. but were unsuccessful. At that point I changed every password and ratcheted up on my security. The 2 step verification stopped them good. What I mean is that when they logon for the first time from a new device, the financial company sends a code to my cell phone. This thwarted much of their efforts.

Anyhow, yesterday we purchased a tablet we are devoting just to bank, H.S.A., brokerage, IRA, etc. We also set up a new google account and email just for this purpose. We will do nothing on this tablet but finances.

Email address of record for all of our accounts is now this new gmail account. Passwords are written down in a secure location as well as stored on this device.

Many more little details that I won't bother you with. But has anyone done this and were you happy with the results?

Maybe this should be in Fire and Money?
I did the same thing two months ago.
__________________
DW and I are 58. FIRE August 2019 (previous goals were 2021 and 2020). Non-cola pension available but will remain untouched until mid sixties to grow, max SS for DH at FRA. Mega retiree health available. 401k is AA 35% stocks, 6% cash and 59% split between MM & Short Bond fund.
atmsmshr is offline   Reply With Quote
Old 09-04-2019, 07:05 AM   #5
Moderator
Aerides's Avatar
 
Join Date: Nov 2015
Posts: 3,589
I doubt the device is the cause/solution, but dedicated email accounts is a good idea. Google will save the pw's for you which is nice, but I confess I have to keep a hard copy in a safe/separate place too.

What's the alternative? Remembering everything? pfft, I've failed that test more times than I care to share...
Aerides is offline   Reply With Quote
Old 09-04-2019, 07:26 AM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 21,569
Quote:
Originally Posted by Alan View Post
The only thing I would add to the changes the OP has made is to be sure to turn on 2 factor authentication on the new GMail account. My GMail account uses Google Authenticator, and is needed the first time I access my email account from a new device. Authenticators are better than codes to a cell phone because SIM cards can be spoofed without access to the physical card or phone.

https://www.vice.com/en_us/article/v...tagram-bitcoin
Related to all this, is 2-factor authentication any good if I lose my device (and have not been able to remotely turn it off or reset it yet)? Seems to me, they have the device that gets the code, so they get in.

I guess it protects against all other attempts, but that is a weakness, correct?


Quote:
Originally Posted by Aerides View Post
... but I confess I have to keep a hard copy in a safe/separate place too.

What's the alternative? Remembering everything? pfft, I've failed that test more times than I care to share...
I've shared a system that I have used for years (6 years now), and it keeps working for me. It's very simple, works for everything, and you can write down a secure version and keep it right by your computer, or stored on your device with no worries. From my 3 year old post:

Online passwords!!!

Quote:
But I've been using a simple system for ~ 3 years that works for me.

... For sites where I have a concern, I use use a common prefix and a common suffix for all. This makes it easy to remember, and adds plenty of complexity. For each site, I add a unique middle set of chars that are easy to remember. Example:

Common prefix APPLE123 --- Common Suffix zebra789

So local bank might be:

APPLE123lclb$zebra789

If my broker was Schwabb, it might be:

APPLE123swbzebra789

etc. I can add any special char requirements to the word. Nice thing about this, I can keep a low tech piece of paper with my passwords on it, even in my wallet, and it is secure. It would look like this:

mybank --- lclb$ ---
stocks --- swb ---
online bank --- olb$
Fidelity Credit Card --- fcc ---

See, not enough info there to give it away. All I need to remember are my prefix and suffix 'keys'. I can even write those down somewhere where the connection would not be made.

Works for me.

-ERD50
-ERD50
ERD50 is offline   Reply With Quote
Some money houses can't swallow a tablet
Old 09-04-2019, 07:48 AM   #7
Thinks s/he gets paid by the post
Mdlerth's Avatar
 
Join Date: Oct 2016
Location: The Shire
Posts: 1,199
Some money houses can't swallow a tablet

I've had difficulty accessing brokerage and credit union accounts online using a tablet. The site will open, but then sit there "thinking" forever.

For some reason, laptops don't have the same difficulty. Don't know why.
__________________
Paying it forward is the best investment.
Mdlerth is offline   Reply With Quote
Old 09-04-2019, 08:43 AM   #8
Thinks s/he gets paid by the post
 
Join Date: Feb 2014
Posts: 1,438
I would worry more about the OS and not the physical device. Windows has always had security problems due to bad design and it being a big target. It also sends info back to Microsoft as telemetry, which is a big problem for me, since no one knows what is being sent back. Closed source OSes, like Windows, have no way for the source code to be reviewed by third parties, which means you are at the mercy of Microsoft as to whether to trust them, which I don't.

I would look at open source OSes as a starting point. Then apply things like whole disk encryption, smart password management, physical security, and 2FA.
jim584672 is offline   Reply With Quote
Old 09-04-2019, 09:54 AM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Chuckanut's Avatar
 
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 9,145
Quote:
Originally Posted by Alan View Post
The only thing I would add to the changes the OP has made is to be sure to turn on 2 factor authentication on the new GMail account. My GMail account uses Google Authenticator, and is needed the first time I access my email account from a new device. Authenticators are better than codes to a cell phone because SIM cards can be spoofed without access to the physical card or phone.

https://www.vice.com/en_us/article/v...tagram-bitcoin
+1

Alan is spot-on about SIM cards. They are certainly better than no 2FA, but an authenticator is far better.
__________________
The worst decisions are usually made in times of anger and impatience.
Chuckanut is offline   Reply With Quote
Old 09-04-2019, 10:58 AM   #10
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 9,685
I wouldn't have the self-discipline to have a device dedicated just for finances. Plus, as Jim mentioned, the OS may be more vulnerable than the device itself.

When I travel, I bring along a laptop (along with phone). The laptop I used to remotely connect to my desktop at home were all my data and majority of my passwords are located using a password manager. The laptop is password protected.

This way, if my laptop gets lost or stolen, at least I won't have all my data on the device and I can still use my laptop to connect to the mothership .
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is offline   Reply With Quote
Old 09-04-2019, 11:19 AM   #11
Administrator
Alan's Avatar
 
Join Date: Jul 2005
Location: Eee ba gum
Posts: 24,680
Quote:
Originally Posted by ERD50 View Post
Related to all this, is 2-factor authentication any good if I lose my device (and have not been able to remotely turn it off or reset it yet)? Seems to me, they have the device that gets the code, so they get in.

I guess it protects against all other attempts, but that is a weakness, correct?


-ERD50
If you lose your 3rd party device then you can’t get in and neither can a thief unless they know the passcode for the 3rd party authenticator.

With HSBC I had a credit card sized device that required me to enter an 8 digit passcode to generate the authentication code. For HSBC customers with smartphones including myself now the option is there to use the HSBC app as the 3rd party authenticator so if I lose my iPhone the thief would first have to break into the phone and then access the app using Face ID or the multi character passcode.

Same goes with the Google authenticator app.
__________________
Retired in Jan, 2010 at 55, moved to England in May 2016
Enough private pension and SS income to cover all needs
Alan is online now   Reply With Quote
Old 09-04-2019, 02:04 PM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Chuckanut's Avatar
 
Join Date: Aug 2011
Location: West of the Mississippi
Posts: 9,145
The trick is to have two of the little 'key' devices. Many sites allow the use of more than one. If you lose one, get on the website and just remove it from the list of authorization methods for 2FA uses.

Non of this is perfect. And all of it is extra work.
__________________
The worst decisions are usually made in times of anger and impatience.
Chuckanut is offline   Reply With Quote
Old 09-06-2019, 09:41 PM   #13
Recycles dryer sheets
 
Join Date: Aug 2017
Posts: 223
I do something similar to what ERD50, using consistent "rules" then change up a few things which are noted with either characters or hints. I work in IT, I don't trust pw generators.
badatmath is offline   Reply With Quote
Old 09-06-2019, 09:50 PM   #14
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
NW-Bound's Avatar
 
Join Date: Jul 2008
Posts: 25,111
I have done something similar to ERD50's method. The password fragments that vary between accounts are stored in a file on a cloud.

However, that file is encrypted, and accessible only from 2 physical devices: my smartphone and my laptop.
__________________

__________________
"Old age is the most unexpected of all things that can happen to a man" -- Leon Trotsky
NW-Bound is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Poll: who is living solely off their investments? wabmester FIRE and Money 27 10-23-2006 12:58 PM
MBA programs: are the "top 10" really worth it? MooreBonds Young Dreamers 13 03-08-2005 01:34 PM

» Quick Links

 
All times are GMT -6. The time now is 02:48 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2019, vBulletin Solutions, Inc.