| Deutsch English Français Italiano |
|
<v71iol$b6dk$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!news.nobody.at!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Chris <ithinkiam@gmail.com> Newsgroups: comp.mobile.android,uk.telecom.mobile Subject: Re: Mobile banking: alarm as fraudsters take over handsets and raid accounts Date: Sun, 14 Jul 2024 22:16:54 -0000 (UTC) Organization: A noiseless patient Spider Lines: 76 Message-ID: <v71iol$b6dk$1@dont-email.me> References: <v6tmll$3ic82$1@dont-email.me> <v6tvmo$jien$1@solani.org> <lffei9F5umuU1@mid.individual.net> <v6u2a0$hub2$1@solani.org> <v6u36c$3kg3i$1@dont-email.me> <v6uhvn$3n53o$1@dont-email.me> <khj59jtvlj986ud74s3267geruhkbviima@4ax.com> <v6v24n$3ptte$2@dont-email.me> <v6v4po$3qa90$1@dont-email.me> <v705gd$3505$1@dont-email.me> <v70qcp$6sqb$1@dont-email.me> <v71adj$9mrn$1@dont-email.me> <v71d31$a4cv$1@dont-email.me> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Injection-Date: Mon, 15 Jul 2024 00:16:54 +0200 (CEST) Injection-Info: dont-email.me; posting-host="8cf8af5df1e78884b1ca38d5935168a6"; logging-data="367028"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/mK2X5d5xrPHaARS+HRzMVynI4zKmv/Vg=" User-Agent: NewsTap/5.5 (iPhone/iPod Touch) Cancel-Lock: sha1:4RJXqh+UcjTsI3p0O9OI50xZnNs= sha1:lEBdm9ZwJvXXMUkfiAjQHTobtmg= Bytes: 4572 AJL <noemail@none.com> wrote: > On 7/14/2024 12:54 PM, Chris wrote: >> AJL <noemail@none.com> wrote: >>> On 7/14/2024 2:24 AM, Chris wrote: >>>> AJL <noemail@none.com> wrote: > >>>>> Mine [bank apps] don't offer pin capability but do require long >>>>> passwords using all types of characters. > >>>> That's sounds like a PITA. > >>> PITA? Not for me. Because I'm one of those paranoid folks who don't >>> keep any banking (or investment) apps on my phone for security >>> reasons. > >> The topic is mobile banking... > > And my sentence above DOES refer to mobile banking. The lack of it for > security reasons. If you're going to play on topic cop Who's playing cop? I was simply reminding you of the context hence why I thought your response was a PITA in the context of mobile phones. >>> As far a pin vs password I find passwords easier. That's because I >>> use a formula for each site. Something like $ + my first employee >>> number + first 3 letters of site/app name + my second employee >>> number + next 2 letters of the site/app name + the number 13. This >>> is just an example and it can give me a 15+ character password that >>> I can easily remember and type in in a just few seconds. > >> Some sites don't accept passwords longer than 8 or 9 chars and/or no >> special character. What do you do then? > > As I said, the above formula is just an example. It can be adjusted to > work with any site. Not IME. Many sites have mutually exclusive rules. >> I gave up years ago and have a password manager. >> Much easier. Only one password to remember. > > Sounds scary. Google "password manager dangers". Some results: > > "The same thing that makes password managers so convenient for you—all > your passwords are easily accessible in one spot—also represents the > greatest risk. If your personal device is infected with malware, then > cybercriminals can steal your master password and take control of your > vault." Obviously google is going to return you worst case scenarios. The reality is that weak passwords are a far higher risk for most people which a password manager resolves. I now can have 50 character passwords for places which accept them and 8 character ones for others. > "While LifeLock has had several other issues over the years, in December > 2022, LifeLock revealed that it had experienced a data breach resulting > in more than 6,000 of its customers losing access to their password > managers. Hackers had used a technique known as “credential stuffing” to > take control of these customers" Use a decentralised manager where you are the only person in possession of your vault, where it's stored and the master password. > "Password manager programs are a target for hackers. It's not easy to > login using multiple devices. If the main password is used/typed/saved > on a computer with malware, your main password can compromise all your > other passwords controlled by the PM" There'sa big if there. That's why things like FaceID and TouchID help. You don't type the master password.