Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Old 08-03-2020, 08:50 AM   #21
Thinks s/he gets paid by the post
teejayevans's Avatar
 
Join Date: Sep 2006
Posts: 1,551
Quote:
Originally Posted by UnrealizedPotential View Post
A few steps I also take after using a secured online website for my account is make sure I click out of the website completely. Then I clear my browsing data immediately after using the site from my computer . These two steps make me feel better and adds a little more comfort knowing there isn't any information hanging around on the internet after I am done, at least I hope not.
I’m not a security expert but I thought once you connected to a secure website, there are keys stored in your browser that insures you’ll next connection is to the same site. So it prevents a bogus site pretending to be the site you’re interested in. So you are less secure doing this.

BTW, if you go to your secured website and it doesn’t take your password that you know is correct. Either you already have been hacked, or someone just stole your password by getting you to go to a bogus website. Usually a result of clicking on a link in an email.
teejayevans is online now   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 08-03-2020, 08:55 AM   #22
Recycles dryer sheets
 
Join Date: Jul 2020
Location: Sector 001 - Alpha Quadrant
Posts: 115
The major brokerages have a security guarantee and I'm familiar with their security procedures since I've worked for most of them. Of much greater concern is protection of your social security number. If you haven't locked your credit report, you should. I learned this the hard way.
Ncc1701 is online now   Reply With Quote
Old 08-03-2020, 09:15 AM   #23
Thinks s/he gets paid by the post
RetireBy90's Avatar
 
Join Date: Feb 2009
Location: Cville
Posts: 1,251
I use different userid and password at each of the financial accounts, change password after 2-3 months, use 2FA to the phone, and Fido has an option to lockdown accounts for transfers. To unlock requires another token to the phone and I get an email with any change to lockdown, password or userid. Wells doesn't have a lockdown but I use unique ID and change password. Same with credit unions.
__________________
FIRE 31 Aug, 2018 - Always leave every place better than you found it, always give more than expected
RetireBy90 is offline   Reply With Quote
Old 08-03-2020, 09:39 AM   #24
Thinks s/he gets paid by the post
 
Join Date: Apr 2015
Posts: 2,335
Different passwords, 2FA, and as many alert notifications as I can--for online transfers, phone/mobile transfers and payments, debits, etc., set at $100 or lower. Yes, I get alerts frequently, but I don't mind it.
I have this for all financial accounts, including credit cards.
__________________
You are no longer in a savings mode.
You are now in a slow spend down mode.
pacergal is offline   Reply With Quote
Old 08-03-2020, 09:40 AM   #25
Moderator
sengsational's Avatar
 
Join Date: Oct 2010
Posts: 8,131
I don't think changing passwords often is going to do a bit of good, as long as you never re-use a password. And you should certainly never, ever, not ever, reuse a password.

Turn on 2 factor authentication if you can.

If you are super paranoid, you can configure your bank and broker to completely disallow web initiated transfers, but convenience suffers greatly.

Again, on the super paranoid side, but fairly cheap and convenient is to buy a Chromebook and only do banking/brokerage on that device.

One can not worry about procedures at the bank or brokerage. You've got to just trust that the data bits they hold won't get lost. What you can do, though, is put your eggs in multiple baskets. Clark Howard recommends getting paper statements to prove what was what on a specific date, but I think a downloaded PDF is almost as good, and takes less space.
sengsational is offline   Reply With Quote
Old 08-03-2020, 10:07 AM   #26
Thinks s/he gets paid by the post
gauss's Avatar
 
Join Date: Aug 2011
Posts: 2,991
Never log into any of the accounts that you care about (especially retirement accounts) from a work computer or other computer that you do not control.


-gauss
gauss is offline   Reply With Quote
Old 08-03-2020, 11:19 AM   #27
Thinks s/he gets paid by the post
teejayevans's Avatar
 
Join Date: Sep 2006
Posts: 1,551
It would be nice to be able to get a text anytime someone attempt to login, whether it was successful or not. But I don’t know anyone who does this.
teejayevans is online now   Reply With Quote
Old 08-03-2020, 12:17 PM   #28
Thinks s/he gets paid by the post
Katsmeow's Avatar
 
Join Date: Jul 2009
Location: DFW Area (Tx)
Posts: 4,663
Quote:
Originally Posted by teejayevans View Post
I don’t trust password managers, seems like they could be hacked as well.
The password manager does not have your master password unless you save it which you shouldn't. That is the password that I do not save. Therefore, if someone hacks LastPass that doesn't give them my master password because they do not have it.
Katsmeow is offline   Reply With Quote
Old 08-03-2020, 12:34 PM   #29
Moderator Emeritus
aja8888's Avatar
 
Join Date: Apr 2011
Location: The Woodlands, TX
Posts: 12,430
Quote:
Originally Posted by Scrapr View Post
operative words...so far?

the Nigerians only have to get lucky once...
I'm more worried about the government taking my savings than the scammers!
__________________
Everyone has a plan until they get punched in the mouth...philosopher Mike Tyson
aja8888 is offline   Reply With Quote
Old 08-03-2020, 12:58 PM   #30
Recycles dryer sheets
 
Join Date: Mar 2010
Location: Just south of Rochester
Posts: 119
I access my accounts from home only through one computer. All my transactions are through one account at BofA. I check it often. If money is transferred between bank accounts or investment accounts, it goes through BofA first. The only place money can be transferred is to or from a single account at Bank of America.
It would be pretty difficult to set up a new transfer without it being flagged as suspect.
vince is offline   Reply With Quote
Old 08-03-2020, 04:34 PM   #31
Recycles dryer sheets
 
Join Date: Dec 2007
Posts: 240
All banks and broker institutions seem to have their own phone app that they encourage you to use. The advice against the use of phone apps seems to be because data is easier to be stolen. We all have heard about recorded phone conversations among other things that were done without the users being aware. Yet due to the popularity and convenience of the phone apps, I am sure large number of folks are using them. Please share your thought and/or knowledge if you happend to have insider knowledge regarding the security of using phone apps from financial institutions.
Lots of good knowledge and common sense best practices have been shared thus far. Thanks to all posters for sharing.
ut2sua is offline   Reply With Quote
Old 08-03-2020, 05:17 PM   #32
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Big_Hitter's Avatar
 
Join Date: May 2013
Location: Les Bois
Posts: 5,678
I told my bank, broker and 401k plan administrator that I've had my identity stolen; they will set you up with a token ring or additional verbal password.

I seriously doubt that the perp (or his associates/assigns) will strike again after last time but I'm still staying vigilant. I also subscribe to two ID monitoring services.

Note that I've done nothing extraordinary to protect my monthly qualified plan annuity deposit...… ZING!
__________________
You can't be a retirement plan actuary without a retirement plan, otherwise you lose all credibility...
Big_Hitter is offline   Reply With Quote
Old 08-03-2020, 10:55 PM   #33
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Sunset's Avatar
 
Join Date: Jul 2014
Location: Spending the Kids Inheritance and living in Chicago
Posts: 11,321
Quote:
Originally Posted by Ncc1701 View Post
The major brokerages have a security guarantee and I'm familiar with their security procedures since I've worked for most of them. Of much greater concern is protection of your social security number. If you haven't locked your credit report, you should. I learned this the hard way.
I think you mean to FREEZE credit reporting at the big 3 or 4 credit bureaus.

I know one of them tempts people with locking, but that is not as restrictive and is just a weak offered service, not bound by the same legal restrictions, so they can keep selling your information.
__________________
Fortune favors the prepared mind. ... Louis Pasteur
Sunset is offline   Reply With Quote
Old 08-04-2020, 03:41 AM   #34
Full time employment: Posting here.
atmsmshr's Avatar
 
Join Date: Mar 2016
Location: An island off the coast of Florida. (Ok - if you really need to know it's Vero Beach)
Posts: 627
Last year I bought a basic computer used by DW and I only for credit union and Fidelity. No other browsing allowed on this stand alone computer. Accessed from home router. Separate email account.

I get text messages for any transfer greater than $1,000 from either.
Quarterly transfers from FIDO to CU account for checking and savings.
2FA for FIDO. I should also do the FIDO lockdown between transfers.
Check the accounts on my Iphone using face ID. Probably a bad habit.
No password manager. Anyone remember Kaspersky?
__________________
DW and I are 59/59. FIRE'd August 2019. Non-cola pension available but will remain untouched until mid sixties to grow, max SS for DH at FRA or 70. Mega retiree health available. IRA rollover from 401k Jan 2020 for NUA treatment. LTCG next few years. AA 40% stocks, 7% cash and 53% Intermediate Treasury fund. Rising equity glidepath.
atmsmshr is offline   Reply With Quote
Old 08-04-2020, 05:56 AM   #35
Thinks s/he gets paid by the post
jollystomper's Avatar
 
Join Date: Apr 2012
Posts: 3,568
As secure as you choose to make your accounts, you also need procedures to allow the ones you want to access them when you die, or if you come down with a dementia-related disease. Especially if your survivors are not as tech-savvy as you are.
__________________
FIREd date: June 26, 2018 - wwwwwwhat a rush!
jollystomper is offline   Reply With Quote
Old 08-04-2020, 06:49 AM   #36
Thinks s/he gets paid by the post
The Cosmic Avenger's Avatar
 
Join Date: May 2016
Location: Mid-Atlantic
Posts: 1,805
Quote:
Originally Posted by jollystomper View Post
As secure as you choose to make your accounts, you also need procedures to allow the ones you want to access them when you die, or if you come down with a dementia-related disease. Especially if your survivors are not as tech-savvy as you are.
Well, like most things, you need to balance ease of access against security. If you're sure your family will not be in need waiting for your accounts and you want to have them as secure as possible, you can let them go through the TOD/POD/POA legal channels, where a bank rep will usually insist on confirming their identity in person, and for POA will probably require a court finding of competence or guardianship. If you think your family may need immediate access to those funds, though, you'll want to compromise a bit on security and set up a way to give them online or ATM access as securely as possible....which, of course, means that someone else might gain access, too.
__________________
-Looking to FIRE in the mid-2020s, which would be our mid-50s.
The Cosmic Avenger is offline   Reply With Quote
Old 08-04-2020, 10:33 AM   #37
Thinks s/he gets paid by the post
 
Join Date: Sep 2006
Posts: 1,359
Quote:
Originally Posted by jollystomper View Post
As secure as you choose to make your accounts, you also need procedures to allow the ones you want to access them when you die, or if you come down with a dementia-related disease. Especially if your survivors are not as tech-savvy as you are.
I agree those are important issues, but dying is different than having dementia.

If you are dead, it doesn't matter if your beneficiary is not tech savvy and can't access your accounts because it would be inappropriate and probably illegal for someone to use your credentials to access your accounts after you are dead. If someone is set up as a beneficiary on the account they should notify the account holder of your demise so your individual access can be frozen and then follow the steps of transferring the funds to their name. At that point it would not matter how securely you had your account locked down because you are now dead and your individual access is frozen never to be used again.

If you have dementia, then ideally you would have thought ahead and set up someone with power of attorney authority to manage your accounts while you are alive. You have to contact your account provider to set this up while you are still competent and use their forms and their procedures to set it up. Once that is done, the person who has the power of attorney would be able to legally access your accounts with their own credentials and in that situation it would also not matter how securely you locked down your individual access because your power of attorney designee will set up their own access.

The bottom line is no matter how securely you set up your individual access to your accounts if you set things up properly it will only affect your access, not your beneficiaries and not your power of attorney designee.
JustCurious is offline   Reply With Quote
Old 08-04-2020, 02:21 PM   #38
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
pb4uski's Avatar
 
Join Date: Nov 2010
Location: Sarasota, FL & Vermont
Posts: 29,194
Whatever you do, don't post you Fido account numbers on the internet!

(I added the blackouts of the account numbers, the post in the Where to park brokerage cash still has them.
Attached Images
File Type: jpg InkedCapture_LI.jpg (157.6 KB, 47 views)
__________________
If something cannot endure laughter.... it cannot endure.
Patience is the art of concealing your impatience.
Slow and steady wins the race.

Retired Jan 2012 at age 56...target 65/35/0 AA TBD
pb4uski is offline   Reply With Quote
Old 08-04-2020, 03:36 PM   #39
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Big_Hitter's Avatar
 
Join Date: May 2013
Location: Les Bois
Posts: 5,678
Quote:
Originally Posted by atmsmshr View Post
Probably a bad habit.
No password manager. Anyone remember Kaspersky?
buddy of mine who owns a company got hacked - he now uses 24 character hexadecimal passwords
__________________
You can't be a retirement plan actuary without a retirement plan, otherwise you lose all credibility...
Big_Hitter is offline   Reply With Quote
Old 08-04-2020, 05:20 PM   #40
Thinks s/he gets paid by the post
UnrealizedPotential's Avatar
 
Join Date: May 2014
Posts: 1,282
Quote:
Originally Posted by teejayevans View Post
I’m not a security expert but I thought once you connected to a secure website, there are keys stored in your browser that insures you’ll next connection is to the same site. So it prevents a bogus site pretending to be the site you’re interested in. So you are less secure doing this.

BTW, if you go to your secured website and it doesn’t take your password that you know is correct. Either you already have been hacked, or someone just stole your password by getting you to go to a bogus website. Usually a result of clicking on a link in an email.
I am not sure, hmm, I will have to think about it. I see what you are saying, unfortunately it doesn't clear things up for me. You might be 100% correct. I will have to do some more research on this.
__________________
Understanding both the power of compound interest and the difficulty of getting it is the heart and soul of understanding a lot of things. Charlie Munger

The first rule of compounding: Never interupt it unnecessarily. Charlie Munger
UnrealizedPotential is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
conservator accounts? hiding accounts from the ward Spock Other topics 22 03-26-2020 12:07 PM
Do you auto-pay your CC accounts? Cobra9777 FIRE and Money 108 02-08-2019 08:05 AM
How have you set up accounts for wife if you die first?? blenhardt FIRE and Money 88 06-14-2016 03:52 PM
Your accounts will pass to your account beneficiaries regardless of your will JustCurious FIRE and Money 21 03-22-2008 03:35 AM
Vanguard ... Ever Lost Track of Your Accounts? Craig FIRE and Money 3 01-02-2006 04:38 PM

» Quick Links

 
All times are GMT -6. The time now is 08:11 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2021, vBulletin Solutions, Inc.