On Monday 06 June 2005 12:39, James T. Carver wrote:
On Monday 06 June 2005 10:57 am, fedora-list-request@xxxxxxxxxx wrote:
On Mon, 6 Jun 2005, Robin Laing wrote:
In my case, if it is really a place that I need security (bank), it is a phone call. My online bank will only allow 3 mistake logins within a short time and then it requires a phone call to get the access opened.
If I get a password by email, I change it on the first new login.
The odds of a single email sniffed is pretty low in my opinion. And if you are on the ball, you request the password when you will receive it and hopefully act before the sniffer can even go through the data.
Some banks in europe will hand you a sheet of one-time passwords to be used in order in the event that other mechanisms fail or are inappropriate.
This is an interesting thought. When one bank that we used changed from UNIX to Windows servers, the passwords became case insensitive and would not accept some characters. We raised this with the bank and they didn't seem to concerned.
--
Just knowing that the bank switched from linux/unix to windows makes me leary of doing business with that bank to begin with. even with the latest and greatest from$icrosoft there are so many holes you could drive a truck through them. If the bank wouldn't let you use case senstive and other character passwords it just make cracking that bank easier so I sure would take my money and put it into a different bank.
James
Is someone willing to name the bank and possibly help us avoid a risky experience?
Tom
This was some time ago. I was the TD bank in Canada. I would have to confirm that this is still the case.
I don't deal with them now and I haven't for years. The bank I deal with supports Firefox but not Mozilla. If you set some of the security features, you cannot download your statement due to pop-ups. I use Mozilla and it is great. On logout they actually tell you to clear your cache and/or shut down your browser to clear any tokens.
-- Robin Laing
