Unpaintedhuffhines
Recycles dryer sheets
- Joined
- Jan 14, 2013
- Messages
- 316
I have my important stuff at Etrade. They gave me a security key that has a 6 digit number that chances every minute. I have to add this number to then end of my password to log in. Seems foolproof. Do any of the others offer this ?
This is very good, but not a panacea. Others offer this token-based approach, but not many. Your main threat in this scenario is a man-in-the-browser type attack, where some form of malware has gotten onto your machine, and the MITB is acting behind the scenes on your computer, which you have authenticated with the token you refer to. Most malware attacks windows devices just due to proliferation of those devices (and some would say inherent vulnerabilities). Ah, but you say "I don't go to gambling sites or porn sites, so my odds of getting my machine infected are very low!" Well, that sounds logical, but the problem is this: it's not those sites that are the problem. They have a vested interest in keeping their sites malware free, as they want you to come back and spend real money. The most problematic sites: religious blogs. Why? They lack the security expertise to keep their sites free from malware, plus they have an extremely large following. A perfect place for a Trojan if I'm a fraudster trying to steal from you. So, stay away from religion, and only go to porn and gambling sites! Lol. This of course is a joke!
Ack! What to do? Lots of good suggestions here - dedicated devices, Linux OS, chromebook, etc. I prefer to use one of the most secure and easy to use devices: iPad over 4G (or personal wifi). It's not a malware free device, but it's the closest you'll probably get that is still easy to use and widely supported by the sites you need to get to. For me this works, because I constantly check on all things finance related, and I travel extensively. I couldn't be restricted to one stay-at-home device.