Ditto what Chris said... I never save my bank login info onto something that could be stolen, or confiscated while traveling abroad... (Even though I do have my book password protected.) Kimo On Feb 14, 2008, at 12:53 PM, Chris Hoogendyk wrote: > ** The author of this post was a Good Dobee. > ** You too can help the group > ** Fill out the survey/skills inventory in the member's area. > ** If you did, we all thank you. > > > Color me paranoid, but one of my responsibilities is systems, > network & internet security. I do use my home computer for online > banking, bill paying, credit card management, online purchasing, > etc. However, there are a couple of ground rules that I always follow. > > (1) I never, ever let my browser save personal information, > usernames or passwords. I always type them in myself. If your > machine is every compromised, or stolen, or just left alone so that > someone can access it (say they broke into your house), it is just > too easy to look at the bookmarks, see a bank or credit card link, > go to it, and (oh joy, the magic) it remembers your login and > password, and suddenly someone else is in your account shuffling > stuff around. > > (2) I never, ever put any paper that has such private information > in the trash without passing it through a good shredder. Identity > theft has become all too common. > > (3) I never, ever click on a link from an email to do anything that > involves personal data or that I expect to be secure. I always go > to my bank, credit card, etc. from my own bookmark links or by > typing in the URL directly. Spammers are very very good at making > emails that look like the real thing, that have forged from > addresses that look good, but that one critical link you have to > click on to do whatever it is they want you to do has a hidden IP > address underneath and goes to a fake website. That fake web site > siphons off your personal information, account login, etc. and/or > downloads a trojan to your computer. > > (4) I never, ever do anything online involving money that I expect > to be secure on a Windows PC. There are just far too many > compromises, viruses, trojans, keyloggers, etc. out there that hit > PC's. I'm sure there are those who will be up in arms to defend > PC's, but I don't really care. If you want to know why you get so > much spam in your email (it now constitutes the majority of the > mail on the internet), it's in significant part because there are > huge armies of botnet PCs controlled by spammers, and the owners of > those PCs have no clue they are owned. Even on a private network > here at work, where PCs are not addressable or scannable from the > internet, we periodically have to clean up compromised PCs. > > (5) My home computer is the latest Mac OS X, with the latest > updates and patches, with all the security settings intact; but, > nevertheless, it is on a private network behind a firewall and > cannot be directly addressed from the internet. > > (6) If I had a laptop, I would never do any kind of online banking > or financial transactions that I expected to be secure from any > public wireless network. Even if you are using a secure connection, > there is just too much hostile activity and probing going on on > public wireless networks. If I had a laptop, I might even choose > not to ever use that laptop for online banking even when I had > returned it to home base and was on a private network behind a > firewall. It's sort of like when you're giving blood and they ask > all those questions -- have you ever . . . , in the last year have > you . . . , etc. It doesn't mean you're infected. It just means > there is a significant risk involved. > > OK, maybe all that was a bit overboard. But saving usernames and > passwords for autofill for online banking just set me off like a > blow torch to the fuel tank. Major, major security breach. > > > > --------------- > > Chris Hoogendyk > > - > O__ ---- Systems Administrator > c/ /'_ --- Biology & Geology Departments > (*) \(*) -- 140 Morrill Science Center > ~~~~~~~~~~ - University of Massachusetts, Amherst > <hoogendyk at bio.umass.edu> > > --------------- > Erdös 4 > > > > > Annamarie Pluhar wrote: >> Hi Jeff, >> I'm not sure if this is your answer but I don't have that problem. >> There is a setting Safari/Preferences/Autofill select User names >> and passwords. I think that should let you save it. >> Related question: How does one "get" Keychain to save a password >> if you changed your mind after you've told it never to save? >> >> >> Annamarie Pluhar >> >> *Pluhar Consulting* >> Helping organizations live their values >> / >> / >> /http://www.pluharconsulting.com/ <http://www.pluharconsulting.com/> >> /s//trategic solutions/ >> /f//acilitation / >> /t//raining/ >> /instructional design/ >> >> /802.451.1941/ >> /802.579.5975 (cell)/ >> >> >> On Feb 13, 2008, at 4:52 PM, Jeff Rutherford wrote: >> >>> I have a Safari/Apple question that hopefully someone can answer. >>> I do a lot of online banking and checking various credit card >>> balances online, and I repeatedly get prompted with "This is a >>> personal computer, please remember my info." >>> >>> However, no matter how many times, I choose that option, every >>> time I revisit a site, I'm prompted yet again as if I've never >>> visited the site before. When I used a PC, I never had this issue. >>> >>> Is there some Safari or Apple setting that I can change, so that >>> my info for these various sites is remembered? >>> >>> Jeff >>> >>> >>> >>> Jeff Rutherford >>> jeff at jeffrutherford.com <mailto:jeff at jeffrutherford.com> >>> 413 369-4128 - phone >>> 866 677-4108 - fax > _______________________________________________ > Hidden-discuss mailing list - home page: http://www.hidden-tech.net > Hidden-discuss at lists.hidden-tech.net > > You are receiving this because you are on the Hidden-Tech > Discussion list. > If you would like to change your list preferences, Go to the > Members page on the Hidden Tech Web site. > http://www.hidden-tech.net/members