Re: how can you verify that the site you get is not a fake?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



bruce wrote:
and matt.. now you see the issue that i've been dealing with...

my bad for not clarifying it earlier.. the ssl aspect helps, but it still
doesn't get to the issue of allowing someone to 'know' or be extremely
certain, that the site they're on, is the 'right' site for the url that
they're trying to obtain...

on a similar tip. if you lose your password.. what's a secure way to get the
password. the current method (of course) is to send you a new password via
email.. assuming that you know your username. but given the fact that email
is text, and could easily be sniffed, is there another/better way.. (and
let's not get into public/private encryption!!)

any ideas/thoughts...

-bruce

In my case, if it is really a place that I need security (bank), it is a phone call. My online bank will only allow 3 mistake logins within a short time and then it requires a phone call to get the access opened.


If I get a password by email, I change it on the first new login.

The odds of a single email sniffed is pretty low in my opinion. And if you are on the ball, you request the password when you will receive it and hopefully act before the sniffer can even go through the data.

This is an interesting thought. When one bank that we used changed from UNIX to Windows servers, the passwords became case insensitive and would not accept some characters. We raised this with the bank and they didn't seem to concerned.

--
Robin Laing


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux