SIGforum.com: The Lounge: EQUIFAX Security Breach
Baroque Bloke
Pipe Smoker
posted
JALLEN – A good password vault is essential nowadays. Mine will generate, and store, a random password comprised of characters from multiple character sets (I specify PW length and character sets). A different PW for each account. A "notes" section for each account provides a place for me to store other data, such as security questions & answers, date of PW changes, etc.

I have the same brand vault for my MacBook and my iPhone, and they can be synchronized, such that a new (or edited) entry in one vault is replicated in the other.

All data in the vault is encrypted. The only PW that I have to remember is the PW for the vault. And there's a "hint" for that PW that's helpful only for me.

The vault will send my browser to the account, with the PW copied to the paste buffer.



Serious about crackers
 
Posts: 9601 | Location: San Diego | Registered: July 26, 2014
I believe in the
principle of
Due Process
JALLEN
posted
quote:
Originally posted by Pipe Smoker:
JALLEN – A good password vault is essential nowadays. Mine will generate, and store, a random password comprised of characters from multiple character sets (I specify PW length and character sets). A different PW for each account. A "notes" section for each account provides a place for me to store other data, such as security questions & answers, date of PW changes, etc.

I have the same brand vault for my MacBook and my iPhone, and they can be synchronized, such that a new (or edited) entry in one vault is replicated in the other.

All data in the vault is encrypted. The only PW that I have to remember is the PW for the vault. And there's a "hint" for that PW that's helpful only for me.

The vault will send my browser to the account, with the PW copied to the paste buffer.


What is "a good password vault"? Are they like a gun safe, no matter what size you think you need, get one 2 1/2 times bigger?




Luckily, I have enough willpower to control the driving ambition that rages within me.

When you had the votes, we did things your way. Now, we have the votes and you will be doing things our way. This lesson in political reality from Lyndon B. Johnson

"Some things are apparent. Where government moves in, community retreats, civil society disintegrates and our ability to control our own destiny atrophies. The result is: families under siege; war in the streets; unapologetic expropriation of property; the precipitous decline of the rule of law; the rapid rise of corruption; the loss of civility and the triumph of deceit. The result is a debased, debauched culture which finds moral depravity entertaining and virtue contemptible." - Justice Janice Rogers Brown
 
Posts: 48369 | Location: Texas hill country | Registered: July 04, 2005
Baroque Bloke
Pipe Smoker
posted
They are software apps, as I suspect you knew. Smile Mine is named "mSecure". And they support as many accounts as you want, limited only by available memory space.



Serious about crackers
 
Posts: 9601 | Location: San Diego | Registered: July 26, 2014
Nullus Anxietas
ensigmatic
posted
quote:
Originally posted by 12131:
quote:
Equifax said that Susan Mauldin, who had been the top security officer, and David Webb, the chief technology officer, are retiring. Mauldin, a college music major, had come under media scrutiny for her qualifications in security.

Roll Eyes

You would be amazed at how often that kind of thing happens. Companies, especially big companies like Equifax, are more interested in degrees than ability and experience.

I once was on a contracting gig. The location and customer shall remain unnamed to protect the guilty. I was there to save them from an utter disaster. (The fabrication and integration of an entire, plant-wide, highly automated manufacturing system was essentially failing.) Here's an example of why: As I worked my way up, starting with the lowest-hanging fruit, I finally got to the point of looking into individual contractors' efforts. I started examining the ladder logic designs for many of the automated workstation controllers and it was just plain crap. Convoluted, tortured, bug-ridden, nearly incomprehensible crap. Turned out the vendor's "designer" was a music major they'd essentially "pulled off the street" (according to his colleagues) and put to work. I ended up ripping out and re-writing massive swaths of his code (which was not why I was there or what I was supposed to be doing, but somebody had to do it).

Now add to this the fact that most pointy-haired bosses regard network security as a burden and an impediment to productivity, rather than good-faith efforts to protect the company's investors' investments, and you get, well, Equifax.

There will be more of these, because nobody's being held criminally liable for misfeasance, which is really what it is, IMO.

If banks operated like most companies operate their networks: The vaults, lockboxes, and locks would all be purchased at big box stores, the keys/combinations would be taped to the bottoms of desk lamps or just sitting in unlocked drawers, and nobody'd be ensuring the building was locked up at night before turning out the lights and leaving.

IOW: Your money would more safely be buried out in your back yard.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26009 | Location: S.E. Michigan | Registered: January 06, 2008
Nullus Anxietas
ensigmatic
posted
quote:
Originally posted by jimb888:
I'll add a bit. This is from a guy named Steve Rubin, dated September 9 at 7:31pm · Phoenix, AZ

[snip]
1. Don't get angry (that comes later). Find a comfortable place to work and maybe get yourself a snack.

Far too fracking late. I'm already angry.

quote:
Originally posted by jimb888:
5. Make sure you have control of your Social Security account. Go to https://www.ssa.gov/ and create an account. Choose every security option it gives you. Save the credentials in your password manager.

Problem is: If you've put a security freeze on your credit reporting, as I did when this first broke: You can't do this without having to go to an SSA office and presenting current, valid photo I.D. to get a one-time code.

quote:
Originally posted by jimb888:
6. Make sure you have control of your IRS account. Go to https://www.irs.gov/individuals/get-transcript and create an account. Choose every security option it gives you. You don't actually need to get the transcript at the end (but you can); you just want the account controlled. Save the credentials in your password manager.

I bet I'll encounter the same problem there.

Somebody, several somebodies, at Equifax should spend time for this, and I don't mean at Club Fed.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26009 | Location: S.E. Michigan | Registered: January 06, 2008
Oh stewardess,
I speak jive.
46and2
posted
Less than half of all IT professionals I have ever worked with had degrees specific to IT, and at least 80% of the most talented folks in the business I've ever met came from other disciplines / are self taught. Most IT programs lag too far behind the curve to be particularly beneficial. I've hired far more English, Music, and general Engineering folks than CS Degree havers.
 
Posts: 25613 | Registered: March 12, 2004
Do No Harm,
Do Know Harm
posted
quote:
Originally posted by Pipe Smoker:
JALLEN – A good password vault is essential nowadays. Mine will generate, and store, a random password comprised of characters from multiple character sets (I specify PW length and character sets). A different PW for each account. A "notes" section for each account provides a place for me to store other data, such as security questions & answers, date of PW changes, etc.

I have the same brand vault for my MacBook and my iPhone, and they can be synchronized, such that a new (or edited) entry in one vault is replicated in the other.

All data in the vault is encrypted. The only PW that I have to remember is the PW for the vault. And there's a "hint" for that PW that's helpful only for me.

The vault will send my browser to the account, with the PW copied to the paste buffer.


And what happens when hackers get into your password vault? Serious question.




Knowing what one is talking about is widely admired but not strictly required here.

Although sometimes distracting, there is often a certain entertainment value to this easy standard.
-JALLEN

"All I need is a WAR ON DRUGS reference and I got myself a police thread BINGO." -jljones
 
Posts: 11465 | Location: NC | Registered: August 16, 2005
Nullus Anxietas
ensigmatic
posted
quote:
Originally posted by chongosuerte:
And what happens when hackers get into your password vault? Serious question.

Choose wisely. If you do so, they're unlikely to do that and, even if they do, it'll take them ages to decrypt the contents.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26009 | Location: S.E. Michigan | Registered: January 06, 2008
Do No Harm,
Do Know Harm
posted
I think I'd like to nuke my entire online existence and switch to cash.

And then I find something I want on Amazon Big Grin




Knowing what one is talking about is widely admired but not strictly required here.

Although sometimes distracting, there is often a certain entertainment value to this easy standard.
-JALLEN

"All I need is a WAR ON DRUGS reference and I got myself a police thread BINGO." -jljones
 
Posts: 11465 | Location: NC | Registered: August 16, 2005
Member
posted
quote:
I think I'd like to nuke my entire online existence and switch to cash.


Some people are. I realized after Hurricane Katrina that the only currency accepted for weeks was cold hard cash. Credit card terminals and the like were down for weeks. Since then we have become even more dependent upon online transactions. Water, food and gasoline only last for a while after a disaster. Ted Koppel cites technology disruption as his biggest fear.
 
Posts: 17622 | Location: Stuck at home | Registered: January 02, 2015
I believe in the
principle of
Due Process
JALLEN
posted
quote:
Originally posted by Pipe Smoker:
They are software apps, as I suspect you knew. Smile Mine is named "mSecure". And they support as many accounts as you want, limited only by available memory space.


That website gives me the creeps. No mention of costs. You have to set up an account first.




Luckily, I have enough willpower to control the driving ambition that rages within me.

When you had the votes, we did things your way. Now, we have the votes and you will be doing things our way. This lesson in political reality from Lyndon B. Johnson

"Some things are apparent. Where government moves in, community retreats, civil society disintegrates and our ability to control our own destiny atrophies. The result is: families under siege; war in the streets; unapologetic expropriation of property; the precipitous decline of the rule of law; the rapid rise of corruption; the loss of civility and the triumph of deceit. The result is a debased, debauched culture which finds moral depravity entertaining and virtue contemptible." - Justice Janice Rogers Brown
 
Posts: 48369 | Location: Texas hill country | Registered: July 04, 2005
Puddle Pirate
kornesque
posted
Another great breakdown of the do's/don'ts here: https://np.reddit.com/r/YouSho...sponding_to_equifax/

Sorry about the reddit format but how to go about freezing your credit seems to be a mystery to most. Hope this helps.


_____________________________________
“You can get much farther with a kind word and a gun than you can with a kind word alone.” -Al Capone

"Happiness is red and free."
 
Posts: 1794 | Location: Low Country, SC | Registered: October 24, 2008
Baroque Bloke
Pipe Smoker
posted
quote:
Originally posted by JALLEN:
quote:
Originally posted by Pipe Smoker:
They are software apps, as I suspect you knew. Smile Mine is named "mSecure". And they support as many accounts as you want, limited only by available memory space.


That website gives me the creeps. No mention of costs. You have to set up an account first.

I bought mine from the Apple iPhone and Mac App Stores. Local storage version for both – I don't trust the cloud, and don't need it to sync the two apps.



Serious about crackers
 
Posts: 9601 | Location: San Diego | Registered: July 26, 2014
Nullus Anxietas
ensigmatic
posted
quote:
Originally posted by JALLEN:
That website gives me the creeps. No mention of costs. You have to set up an account first.

You have a "smart"phone, yes? And a computer of some type, I imagine?

I like Password Safe. It's cross-platform and, while some versions can support cloud storage for multi-device sync, it's not required. It's either free or low-cost.

It uses the Twofish block cipher, which was designed by a group of some of the most respected names in the computer security industry, with a 256-bit key. TL;DR: Means it's essentially unbreakable. At least given today's technology.

That being said: Nothing, and I do mean nothing, will save you if you do inherently insecure things. Dodgy web sites, dodgy operating systems, dodgy applications, failure to keep software up-to-date (which is what burned Equifax and its victims), poor passwords that are easily guessed, sharing accounts with others, generally poor network security hygiene.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26009 | Location: S.E. Michigan | Registered: January 06, 2008
member
henryaz
posted
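Pipe Smoker's generator (user-chosen length and character sets) and ensigmatic's point that a stolen vault still has to be unlocked by guessing the master password, as an added example that is not code from the thread, mSecure or Password Safe: it stretches the master password with PBKDF2-HMAC-SHA256 from the standard library (a stand-in for the vault's own key derivation, not Twofish itself), and the iteration count and attacker hash rate are assumed values.

```python
"""A stolen vault is only as strong as the master password that locks it."""
from __future__ import annotations

import hashlib
import math
import secrets
import string

ITERATIONS = 600_000             # assumed PBKDF2 work factor
KEY_LEN = 32                     # 256-bit key, the key size the thread cites for Twofish
ASSUMED_HASHES_PER_SEC = 1e10    # assumed offline SHA-256 rate of a well-funded attacker

# Character sets a vault generator lets the user pick from.
CHARSETS = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": "!@#$%^&*()-_=+[]{};:,.?/",
}


def generate_password(length: int, sets: tuple[str, ...]) -> str:
    """Random password of `length` chars from the chosen sets, with at least
    one character from every chosen set, drawn from the OS CSPRNG."""
    if length < len(sets):
        raise ValueError("length must cover every chosen character set")
    alphabet = "".join(CHARSETS[s] for s in sets)
    chars = [secrets.choice(CHARSETS[s]) for s in sets]
    chars += [secrets.choice(alphabet) for _ in range(length - len(sets))]
    secrets.SystemRandom().shuffle(chars)   # don't leave the per-set chars at the front
    return "".join(chars)


def entropy_bits(length: int, sets: tuple[str, ...]) -> float:
    """Upper bound on entropy: uniform choice over the combined alphabet."""
    alphabet_size = sum(len(CHARSETS[s]) for s in sets)
    return length * math.log2(alphabet_size)


def derive_vault_key(master_password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Stretch the master password into the vault's 256-bit key. The salt is
    stored next to the encrypted vault and need not be secret."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=KEY_LEN)


def expected_crack_years(bits: float, iterations: int = ITERATIONS,
                         hashes_per_sec: float = ASSUMED_HASHES_PER_SEC) -> float:
    """Expected time for someone holding the encrypted vault to guess the
    master password offline: each guess costs `iterations` hashes, and on
    average half the keyspace is searched before the right one turns up."""
    guesses_per_sec = hashes_per_sec / iterations
    return 2 ** (bits - 1) / guesses_per_sec / (365.25 * 24 * 3600)


if __name__ == "__main__":
    salt = secrets.token_bytes(16)
    for length, sets in ((6, ("lower",)), (8, ("lower", "digits")),
                         (16, ("lower", "upper", "digits", "symbols"))):
        pw = generate_password(length, sets)
        bits = entropy_bits(length, sets)
        key = derive_vault_key(pw, salt)
        print(f"{pw:>18}  {bits:6.1f} bits  key={key.hex()[:16]}...  "
              f"~{expected_crack_years(bits):.3g} years to crack")
```

The cipher is never attacked directly; the weak link is the master password, so the table shows why a short or single-set master password makes the "ages to decrypt" claim false.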
quote:
Problem is: If you've put a security freeze on your credit reporting, as I did when this first broke: You can't do this without having to go to a SSA office and presenting current, valid photo I.D. to get a one-time code.

I had the SSA account a long time ago, but they changed the interface and I had to re-establish it. At which time I had a freeze in place at all three credit agencies. When I was unable to complete the account registration, I called them, and the first question was whether I had a freeze. She informed me they only use one credit agency for a check, and I could lift that freeze only, which I did, for a period of 1 day. You can also lift it for a particular party, like SSA. This was much preferable for me, because the nearest SSA office is about 60 miles away.

Another note, I read that Equifax was giving out problematic PINs for people signing up for the monitoring service. The PINs were sequential, and composed of a Date/Time stamp, including seconds. You might want to take a look at the PIN Equifax issues you, and request a change if necessary.
 
 
Posts: 10887 | Location: South Congress AZ | Registered: May 27, 2006
Member
wrightd
posted
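A check for henryaz's point that a PIN built from an enrollment timestamp is far more guessable than a random one, as an added example that is not code from the thread or from Equifax: the digit layouts it tries are assumptions, since the post does not give the real format, and the sample PIN is constructed.

```python
"""Is an issued PIN really an enrollment timestamp in disguise?"""
from __future__ import annotations

import math
import secrets
from datetime import datetime, timedelta

# Assumed strftime layouts a timestamp-derived PIN might follow (hypothetical;
# the thread only says "date/time stamp, including seconds").
ASSUMED_LAYOUTS = ("%m%d%y%H%M%S", "%y%m%d%H%M%S", "%m%d%y%H%M")


def parse_as_timestamp(pin: str, now: datetime | None = None, window_days: int = 365,
                       layouts=ASSUMED_LAYOUTS) -> datetime | None:
    """Return the datetime a digit-only PIN decodes to under one of the assumed
    layouts, if that time is plausible as an enrollment time (within
    `window_days` before `now`); otherwise None."""
    if not pin.isdigit():
        return None
    now = now or datetime.now()
    for layout in layouts:
        try:
            ts = datetime.strptime(pin, layout)
        except ValueError:              # digits don't fit this layout
            continue
        if now - timedelta(days=window_days) <= ts <= now:
            return ts
    return None


def timestamp_pin_bits(window_seconds: int) -> float:
    """Entropy of a timestamp PIN when the enrollment time is known to within
    `window_seconds`: one candidate value per second, nothing more."""
    return math.log2(window_seconds)


def random_pin_bits(n_digits: int) -> float:
    """Entropy of a uniformly random n-digit PIN."""
    return n_digits * math.log2(10)


def generate_pin(n_digits: int) -> str:
    """Uniformly random PIN from the OS CSPRNG, zero-padded to n digits:
    what the issuer should have handed out instead."""
    return str(secrets.randbelow(10 ** n_digits)).zfill(n_digits)


def audit_pin(pin: str, now: datetime | None = None, window_days: int = 365) -> str:
    """One-line verdict a customer (or a reviewer of the issuing system) can act on."""
    ts = parse_as_timestamp(pin, now, window_days)
    if ts is not None:
        return (f"weak: decodes to {ts:%Y-%m-%d %H:%M:%S}; at most "
                f"{timestamp_pin_bits(86400):.1f} bits if the enrollment day is known")
    return f"random-looking: up to {random_pin_bits(len(pin)):.1f} bits"


if __name__ == "__main__":
    # Constructed sample: a 12-digit PIN that is MMDDYYhhmmss for 2017-09-11 14:30:05.
    print(audit_pin("091117143005", now=datetime(2017, 9, 20)))
    print(audit_pin(generate_pin(12), now=datetime(2017, 9, 20)))
```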
quote:
Originally posted by 46and2:
Less than half of all IT professionals I have ever worked with had degrees specific to IT, and at least 80% of the most talented folks in the business I've ever met came from other disciplines / are self taught. Most IT programs lag too far behind the curve to be particularly beneficial. I've hired far more English, Music, and general Engineering folks than CS Degree havers.

Engineers make good software people, as long as they pick up and exercise the general principles of software engineering and systems security. They have a special knack for sticking with it until they tease it out. 46 is right. Two of the most brilliant software people I've known were not CS majors; one was an EE and the other had a degree in Music. But they were outside of the bell curve, with an unusual amount of brain power way, way over to the right. Both of these people were perpetually bored with their jobs, while they were easily solving otherwise difficult assignments no one else was capable of tackling. But the run-of-the-mill engineering majors who love and embrace IT, those are the good guys.




Lover of the US Constitution
Wile E. Coyote School of DIY Disaster
 
Posts: 8985 | Location: Nowhere the constitution is not honored | Registered: February 01, 2008
Member
wrightd
posted
quote:
Originally posted by ensigmatic:
quote:
Originally posted by JALLEN:
That website gives me the creeps. No mention of costs. You have to set up an account first.

You have a "smart"phone, yes? And a computer of some type, I imagine?

I like Password Safe. It's cross-platform and, while some versions can support cloud storage for multi-device sync, it's not required. It's either free or low-cost.

It uses the Twofish block cipher, which was designed by a group of some of the most respected names in the computer security industry, with a 256-bit key. TL;DR: Means it's essentially unbreakable. At least given today's technology.

That being said: Nothing, and I do mean nothing, will save you if you do inherently insecure things. Dodgy web sites, dodgy operating systems, dodgy applications, failure to keep software up-to-date (which is what burned Equifax and its victims), poor passwords that are easily guessed, sharing accounts with others, generally poor network security hygiene.

That's a great summary right there, 110% spot on.




Lover of the US Constitution
Wile E. Coyote School of DIY Disaster
 
Posts: 8985 | Location: Nowhere the constitution is not honored | Registered: February 01, 2008
Member
wrightd
posted
quote:
Originally posted by henryaz:
quote:
Problem is: If you've put a security freeze on your credit reporting, as I did when this first broke: You can't do this without having to go to a SSA office and presenting current, valid photo I.D. to get a one-time code.

I had the SSA account a long time ago, but they changed the interface and I had to re-establish it. At which time I had a freeze in place at all three credit agencies. When I was unable to complete the account registration, I called them, and first question was do you have a freeze. She informed me they only use one credit agency for a check, and I could lift that freeze only, which I did, for a period of 1 day. You can also lift it for a particular party, like SSA. This was much preferable for me, because the nearest SSA office is about 60 miles away.

Another note, I read that Equifax was giving out problematic PINs for people signing up for the monitoring service. The PINs were sequential, and composed of a Date/Time stamp, including seconds. You might want to take a look at the PIN Equifax issues you, and request a change if necessary.
 

Wow, the stupidity never ends, does it?




Lover of the US Constitution
Wile E. Coyote School of DIY Disaster
 
Posts: 8985 | Location: Nowhere the constitution is not honored | Registered: February 01, 2008
Member
wrightd
posted
quote:
Originally posted by chongosuerte:
quote:
Originally posted by Pipe Smoker:
JALLEN – A good password vault is essential nowadays. Mine will generate, and store, a random password comprised of characters from multiple character sets (I specify PW length and character sets). A different PW for each account. A "notes" section for each account provides a place for me to store other data, such as security questions & answers, date of PW changes, etc.

I have the same brand vault for my MacBook and my iPhone, and they can be synchronized, such that a new (or edited) entry in one vault is replicated in the other.

All data in the vault is encrypted. The only PW that I have to remember is the PW for the vault. And there's a "hint" for that PW that's helpful only for me.

The vault will send my browser to the account, with the PW copied to the paste buffer.


And what happens when hackers get into your password vault? Serious question.

Exactly. The question no-one wants to answer. This is why I think credit monitoring companies are big risks as well. You're giving PII to just another company really, the employees of which MAY be one of the bad guys. Really. Think about it.




Lover of the US Constitution
Wile E. Coyote School of DIY Disaster
 
Posts: 8985 | Location: Nowhere the constitution is not honored | Registered: February 01, 2008
Member
posted
quote:
Originally posted by chongosuerte:
I think I'd like to nuke my entire online existence and switch to cash.


Here's a starting point: Deseat.me

No first hand knowledge, just read about it somewhere.
 
Posts: 190 | Registered: December 27, 2010