Password Management

[TromboneAl]

You do realize that emails are sent clear text over the internet and that there are no shortage of people looking at these data streams?

My accountant sent me my taxes (pdf) via email, unencrypted with a subject of "CONFIDENTIAL TAX INFORMATION." Sheesh.

 

[cute fuzzy bunny]

Ed, you're probably going to be just fine 99.9% of the time.

Theres some happy zone between sending the stuff clear text over the internet / storing it in highly hacker desired online accounts and using high end encryption on removable media

T-al... Now I know why some people still like fax machines.

 

[cute fuzzy bunny]

http://news.yahoo.com/s/ap/20070205/ap_on_hi_te/security_breach

Ugh. I take it back. Post your passwords on your personal web site. Somebody thats supposed to be caretaking your personal data is just going to leave it around for someone to steal anyway.

I cant believe that after the laptop thefts last year that this is still going on.

BTW I got a letter from Fidelity the other day that said that the free credit monitoring service they offered last year for folks listed on the "stolen HP/Fidelity laptop" are getting a second year of free credit monitoring if they already applied for it.

You still have a window of time if you never applied to get it free for the next year if you havent yet registered.

 

[TromboneAl]

How does it work with a hacker getting info from email. I'm guessing that they have access to an Internet node that passes email packets on, and then put in an application that looks for words like, "password" or "confidential" or numbers forrmatted like SS numbers, then saves the text around it for a human to check.

 

[cute fuzzy bunny]

Pretty much, but you dont need access to a relay or even a main network node. Put a cable or dsl modem into promiscuous mode and listen for traffic on the right ports. You'll at least get everyone in your "neighbordhood". About four hundred on my cable segment right now.

Look for stuff formatted like usernames and passwords, two word 'pairings'. Hell, people are deciphering "my email name at em ess enn dot com"

Pretty far out there, but it happens.

 

[pfpelican]

I have a folder in one of my Yahoo e-mail accounts for passwords and access codes. I send myself an e-mail with the info on my e-bay account, for example, and put it there. I remember most of them anyway and the wife has a separate set, but it helps jog the memory when needed. It is probably as secure as anything else and I don't have to carry anything around with me.

Ed....it's then only as secure as your yahoo email account. My daughter did this, and some hacker from Australia somehow got her yahoo email ID and PW (we don't know how)....logged in and got all the rest of her IDs and PWs from there. Cleaned out her bank account via paypal.
She had to change bank accounts, but the bank and paypal made her whole.

I carry a USB flashdrive with a zip file on it. The contents of the zip file are password protected and they contain my IDs and PWs. I only have to remember the pw to the zip file contents. EZ PZ

 

[Ed_The_Gypsy]

My stars and little comets!