On Monday 06 June 2005 10:57 am, fedora-list-request@xxxxxxxxxx wrote: > On Mon, 6 Jun 2005, Robin Laing wrote: > > In my case, if it is really a place that I need security (bank), it is a > > phone call. My online bank will only allow 3 mistake logins within a > > short time and then it requires a phone call to get the access opened. > > > > If I get a password by email, I change it on the first new login. > > > > The odds of a single email sniffed is pretty low in my opinion. And if > > you are on the ball, you request the password when you will receive it > > and hopefully act before the sniffer can even go through the data. > > Some banks in europe will hand you a sheet of one-time passwords to be > used in order in the event that other mechanisms fail or are > inappropriate. > > > This is an interesting thought. When one bank that we used changed from > > UNIX to Windows servers, the passwords became case insensitive and would > > not accept some characters. We raised this with the bank and they didn't > > seem to concerned. > > -- Just knowing that the bank switched from linux/unix to windows makes me leary of doing business with that bank to begin with. even with the latest and greatest from$icrosoft there are so many holes you could drive a truck through them. If the bank wouldn't let you use case senstive and other character passwords it just make cracking that bank easier so I sure would take my money and put it into a different bank. James
Attachment:
pgpEpEUYgWvAG.pgp
Description: PGP signature
