Page 5 of 6 FirstFirst 123456 LastLast
Results 61 to 75 of 80

Thread: How secure is your password?

  1. #61
    I still don't see what they gain. If that know my password to a forum, are they going to log in as me and post stupid things? Sorry, got that covered already.

    If they get into my bank, I'll know about it after the first transaction or two, and the account will be locked and I'll get my money back from the bank.

    If they get into my email, they'll see how boring my email life is. I'm not emailing the President. They might find out that a friend's kid hit a home run in a baseball. What will they do, email people with my account? Like I care?

    I've not yet seen the reasoning in my life of how devastating it would be.

    I think passwords have become the boogy man for the media. Now, if you're hacking into a business that has intellectual property, then I get it, but I don't see the value in the end, home user.

    So you know have access to my netflix account? Good, could you send me the login, because I can't remember it.
    Lasers : Trotec Speedy 300 75W, Trotec Speedy 300 80W, Galvo Fiber Laser 20W
    Printers : Mimaki UJF-6042 UV Flatbed Printer , HP Designjet L26500 61" Wide Format Latex Printer, Summa S140-T 48" Vinyl Plotter
    Router : ShopBot 48" x 96" CNC Router Rotary Engravers : (2) Xenetech XOT 16 x 25 Rotary Engravers

    Real name Steve but that name was taken on the forum. Used Middle name. Call me Steve or Scott, doesn't matter.

  2. #62
    Quote Originally Posted by Scott Shepherd View Post
    If they get into my bank, I'll know about it after the first transaction or two, and the account will be locked and I'll get my money back from the bank.
    That isn't universally true, I know a guy that lost $15k (IIRC) due to his password being compromised (got a key logger on his machine). The large bank said, "too bad."

  3. #63
    Quote Originally Posted by Phil Thien View Post
    That isn't universally true, I know a guy that lost $15k (IIRC) due to his password being compromised (got a key logger on his machine). The large bank said, "too bad."
    If the bank is FDIC insured, he should be good to go. I'd contact a lawyer on that one.
    Lasers : Trotec Speedy 300 75W, Trotec Speedy 300 80W, Galvo Fiber Laser 20W
    Printers : Mimaki UJF-6042 UV Flatbed Printer , HP Designjet L26500 61" Wide Format Latex Printer, Summa S140-T 48" Vinyl Plotter
    Router : ShopBot 48" x 96" CNC Router Rotary Engravers : (2) Xenetech XOT 16 x 25 Rotary Engravers

    Real name Steve but that name was taken on the forum. Used Middle name. Call me Steve or Scott, doesn't matter.

  4. #64
    Join Date
    Oct 2007
    Location
    Arlington, VA
    Posts
    1,850
    Quote Originally Posted by Scott Shepherd View Post
    I still don't see what they gain. If that know my password to a forum, are they going to log in as me and post stupid things? Sorry, got that covered already.
    I think the issue for a lot of users--and this may not apply to you--is that they use the same password across different sites. Don't get me wrong, that is a bad practice, but it is something that people do because it is too hard to remember passwords that are unique. So, for a lot of people, getting your password to your LinkedIn account might also lead to your FB account and your work email and your bank account. Yeah, maybe you can get your bank to shut down unauthorized withdrawals and transfers, but it might take some time. And it will be a PITA.

    There is also an issue these days with people taking over email accounts and using those accounts to reset other passwords on more secure systems. They lock you out of the account you need to authenticate yourself to other sites. Again, maybe not a big deal for you. But other people who have invested in a web presence for a business or who use cloud based storage for all their digital photos might think otherwise.

  5. #65
    Quote Originally Posted by Scott Shepherd View Post
    If the bank is FDIC insured, he should be good to go. I'd contact a lawyer on that one.
    "FDIC insurance does not protect you against identity theft or unauthorized use of your bank account."

    http://www.medscape.com/viewarticle/768184

  6. #66
    Quote Originally Posted by Phil Thien View Post
    "FDIC insurance does not protect you against identity theft or unauthorized use of your bank account."

    http://www.medscape.com/viewarticle/768184
    Has nothing to do with identity theft. It's fraud. Fraudulent transactions. You are protected under federal law. This is from a Federal website dealing with this exact thing :

    "What does the bank have to do once I report it? Can I get my money back?
    Once you notify your bank or credit union, it generally has 10 business days to investigate the issue (20 days if the account has been open less than 30 days). Your bank or credit union then has three business days to report its findings to you. If the bank or credit union can’t complete its investigation within 10 (or 20) business days as applicable, it must credit your account for the full disputed amount less a maximum of $50 while the investigation continues.
    The bank or credit union must resolve the issue in 45 days, unless the transactions were conducted in a foreign country, were conducted within 30 days of account opening, or were debit card point-of-sale purchases. In those cases, you may have to wait as long as 90 days for the issue to be fully resolved. The bank or credit union must correct an error within one business day after determining that an error has occurred.
    If the bank or credit union determines that the transactions were legitimate, it must provide you with written notice before taking the money that was credited to you during the investigation out of your account.
    There are instances, such as tax liens or wage garnishment, where someone may take money out of your account to pay back a debt you owe and you will not be able to recover the funds.
    Tip: Report your lost or stolen card within two business days of when you discover it is missing so you limit your losses to $50 or less, no matter how much is charged to your card."
    Lasers : Trotec Speedy 300 75W, Trotec Speedy 300 80W, Galvo Fiber Laser 20W
    Printers : Mimaki UJF-6042 UV Flatbed Printer , HP Designjet L26500 61" Wide Format Latex Printer, Summa S140-T 48" Vinyl Plotter
    Router : ShopBot 48" x 96" CNC Router Rotary Engravers : (2) Xenetech XOT 16 x 25 Rotary Engravers

    Real name Steve but that name was taken on the forum. Used Middle name. Call me Steve or Scott, doesn't matter.

  7. #67
    Quote Originally Posted by Scott Shepherd View Post
    Has nothing to do with identity theft. It's fraud. Fraudulent transactions. You are protected under federal law. This is from a Federal website dealing with this exact thing :

    "What does the bank have to do once I report it? Can I get my money back?
    Once you notify your bank or credit union, it generally has 10 business days to investigate the issue (20 days if the account has been open less than 30 days). Your bank or credit union then has three business days to report its findings to you. If the bank or credit union can’t complete its investigation within 10 (or 20) business days as applicable, it must credit your account for the full disputed amount less a maximum of $50 while the investigation continues.
    The bank or credit union must resolve the issue in 45 days, unless the transactions were conducted in a foreign country, were conducted within 30 days of account opening, or were debit card point-of-sale purchases. In those cases, you may have to wait as long as 90 days for the issue to be fully resolved. The bank or credit union must correct an error within one business day after determining that an error has occurred.
    If the bank or credit union determines that the transactions were legitimate, it must provide you with written notice before taking the money that was credited to you during the investigation out of your account.
    There are instances, such as tax liens or wage garnishment, where someone may take money out of your account to pay back a debt you owe and you will not be able to recover the funds.
    Tip: Report your lost or stolen card within two business days of when you discover it is missing so you limit your losses to $50 or less, no matter how much is charged to your card."
    That is only for personal accounts, not business accounts.

    There is no similar protection for business accounts.

  8. #68
    Quote Originally Posted by Phil Thien View Post
    That is only for personal accounts, not business accounts.

    There is no similar protection for business accounts.
    That's what I was saying, that's about anything you do to my personally, isn't going to matter. Businesses, as noted, are a different animal.

    As an individual, I'm not sure where the risk is from having passwords compromised.
    Lasers : Trotec Speedy 300 75W, Trotec Speedy 300 80W, Galvo Fiber Laser 20W
    Printers : Mimaki UJF-6042 UV Flatbed Printer , HP Designjet L26500 61" Wide Format Latex Printer, Summa S140-T 48" Vinyl Plotter
    Router : ShopBot 48" x 96" CNC Router Rotary Engravers : (2) Xenetech XOT 16 x 25 Rotary Engravers

    Real name Steve but that name was taken on the forum. Used Middle name. Call me Steve or Scott, doesn't matter.

  9. #69
    Quote Originally Posted by Scott Shepherd View Post
    That's what I was saying, that's about anything you do to my personally, isn't going to matter. Businesses, as noted, are a different animal.

    As an individual, I'm not sure where the risk is from having passwords compromised.
    I thought you owned a sign business?

  10. #70
    Quote Originally Posted by Phil Thien View Post
    I thought you owned a sign business?
    We do, however, I don't use the internet for anything financial for that (me personally). I just spend the money, I don't account for it
    Lasers : Trotec Speedy 300 75W, Trotec Speedy 300 80W, Galvo Fiber Laser 20W
    Printers : Mimaki UJF-6042 UV Flatbed Printer , HP Designjet L26500 61" Wide Format Latex Printer, Summa S140-T 48" Vinyl Plotter
    Router : ShopBot 48" x 96" CNC Router Rotary Engravers : (2) Xenetech XOT 16 x 25 Rotary Engravers

    Real name Steve but that name was taken on the forum. Used Middle name. Call me Steve or Scott, doesn't matter.

  11. #71
    Join Date
    Dec 2007
    Location
    Hillsboro, OR
    Posts
    1,415
    Blog Entries
    3
    Quote Originally Posted by Scott Shepherd View Post
    I still don't see what they gain. If that know my password to a forum, are they going to log in as me and post stupid things? Sorry, got that covered already.

    If they get into my bank, I'll know about it after the first transaction or two, and the account will be locked and I'll get my money back from the bank.
    It would be a lot easier to open up a bunch of credit card accounts with your hacked information. I've had 2 relatives whose credit was ruined in this manner and it took over a year working with the various financial institutions to get everything cleared up. One of them lost $5k from their bank... the bank said "too bad".
    Last edited by Greg Portland; 08-12-2014 at 7:06 PM.

  12. #72
    Join Date
    Dec 2007
    Location
    Hillsboro, OR
    Posts
    1,415
    Blog Entries
    3
    I'd add that 1password is a good (pay) option for maintaining all your passwords in a secure manner. You only need to remember 1 (secure) password; the tool takes care of the rest (updating existing passwords, etc.).

    Also, always use 2 factor authorization when it's offered (i.e. text a confirmation code to your phone if you change your password, etc.).

  13. #73
    Quote Originally Posted by Greg Portland View Post
    It would be a lot easier to open up a bunch of credit card accounts with your hacked information.
    What hacked information? That's my point. You're not going to gather enough personal data about me (SSN, etc.) from my Facebook account.

    I don't know, I just don't see the threats. Does it happen? Sure. Did it happen because people clicked on phishing emails that said "your account has been locked, please click here to reactivate" and then they promptly entered way more private information than anyone should ever give into the form, which handed the people the keys to everything? Probably. You're not going to get enough information to open accounts in my name from my woodworking forum profile, I don't think. Could someone sit here and go across posts and build a profile about me, sure. But that takes time these people aren't interested in that sort of profile building, they are running scripts with the data to log into various things.

    The vast majority of forums out there don't require you to use your real name. How's anyone going to do any damage to "FastRedCar34365" that's on a car forum? All they get is access to the forum. There's no address or personal information in there.

    If they did get into my bank account, as soon as $100 was spent, I'd be notified, so I could shut it down in minutes after that notification.
    Lasers : Trotec Speedy 300 75W, Trotec Speedy 300 80W, Galvo Fiber Laser 20W
    Printers : Mimaki UJF-6042 UV Flatbed Printer , HP Designjet L26500 61" Wide Format Latex Printer, Summa S140-T 48" Vinyl Plotter
    Router : ShopBot 48" x 96" CNC Router Rotary Engravers : (2) Xenetech XOT 16 x 25 Rotary Engravers

    Real name Steve but that name was taken on the forum. Used Middle name. Call me Steve or Scott, doesn't matter.

  14. #74
    Join Date
    Feb 2003
    Location
    Doylestown, PA
    Posts
    7,551
    Quote Originally Posted by Scott Shepherd View Post
    I still don't see what they gain. If that know my password to a forum, are they going to log in as me and post stupid things? Sorry, got that covered already.

    If they get into my bank, I'll know about it after the first transaction or two, and the account will be locked and I'll get my money back from the bank.

    If they get into my email, they'll see how boring my email life is. I'm not emailing the President. They might find out that a friend's kid hit a home run in a baseball. What will they do, email people with my account? Like I care?

    I've not yet seen the reasoning in my life of how devastating it would be.

    I think passwords have become the boogy man for the media. Now, if you're hacking into a business that has intellectual property, then I get it, but I don't see the value in the end, home user.

    So you know have access to my netflix account? Good, could you send me the login, because I can't remember it.
    One example that comes to mind: If someone was able to use your email account to send things like child porn files as attachments, it seems like your life could get complicated until you got it straightened out.

  15. #75
    Join Date
    Nov 2007
    Location
    Glenelg, MD
    Posts
    12,256
    Blog Entries
    1
    Quote Originally Posted by Curt Harms View Post
    One example that comes to mind: If someone was able to use your email account to send things like child porn files as attachments, it seems like your life could get complicated until you got it straightened out.
    Meh, not really. While it may come from his account, the login IPs would quickly resolve any doubt as to where it originated from. During investigations of such matters, email accounts are only useful in narrowing the parameters ("could person 'X' be sending this")... but the real evidence is the IP address for the connection. This would be resolved long before he was ever approached about such issues.
    Hi-Tec Designs, LLC -- Owner (and self-proclaimed LED guru )

    Trotec 80W Speedy 300 laser w/everything
    CAMaster Stinger CNC (25" x 36" x 5")
    USCutter 24" LaserPoint Vinyl Cutter
    Jet JWBS-18QT-3 18", 3HP bandsaw
    Robust Beauty 25"x52" wood lathe w/everything
    Jet BD-920W 9"x20" metal lathe
    Delta 18-900L 18" drill press

    Flame Polisher (ooooh, FIRE!)
    Freeware: InkScape, Paint.NET, DoubleCAD XT
    Paidware: Wacom Intuos4 (Large), CorelDRAW X5

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •