Identity Theft

Jim Godward · Dec 23, 2007

Any of these programs will do a good job and stop all but the most serious and sophisticated searcher. The only way to be absolutely sure is to destroy the disk. That is what we had to do with disks that had classified data on them.

The Limey · Jun 14, 2008

Its a big problem here in the UK we even have people going through our bins looking for bank details so everything has to be shredder

Local tax office sent a data disc by local post... it had the details of over 5,000 peoples bank accounts numbers , sort codes and address its never ever been found.

Paul

John From Detroit · Aug 19, 2008

In the Membership park I was just at (came back home today in fact) there is a "public" Wi-Fi node for members use, it's calle 1000Trails (Same as the park)

Of course it only works when you are in or near the member lounge/rec room/event room area, (only one Linksys router in the park manager's office in case anyone wants to know)

Strange thing was when I was on my camp site, quite a distance away, I had an "Excellent" signal on a router also called 1000trails, but it was computer-computer not computer-Internet (My software flagged it as different)

I fired up net-stumbler and found the mac address of the 2nd router.. DIFFERENT from the park's router

Reported to management.

macmac · Sep 10, 2008

It's recommended that PINs are memorised which is fine except that I have several which I need to use at various levels of frequency. I have several other id numbers for bank accounts which I also have to memorise. It's hard if not impossible to remember all of them reliably.

So, here's a question for you guys knowledgeable about such issues. I use a 10x10 matrix. 10 columns, 10 rows in which I embed my PINs. The remainder of the matrix is filled with random numbers.

I use a master PIN - which IS in my head - to unlock all the other PINs

How secure/insecure is that?

Keith

Ned · Sep 10, 2008

What are you securing from? If you forget the master PIN then you've lost all your PINs. You have to write the matrix down, so that's only as secure as your master PIN. In other words, not any more secure, and actually less secure, than just remembering one PIN for all purposes with nothing written down.

Gary RV_Wizard · Sep 10, 2008

We use an inexpensive program called Password Agent to record IDs, passwords, PINs and related account information. I also store my software license information (Key Codes) in that file. It encrypts the data and has a Master Password, so you still have to remember something. It's a simple program to use.

macmac · Sep 10, 2008

Ned said:
What are you securing from? If you forget the master PIN then you've lost all your PINs. You have to write the matrix down, so that's only as secure as your master PIN. In other words, not any more secure, and actually less secure, than just remembering one PIN for all purposes with nothing written down.

I partly agree - I suppose I could have just a single PIN for every account I use and never write it down. But access to all accounts could be had if that PIN were ever discovered (without needing the matrix)

I'm unlikely to forget my MASTER PIN because it's in frequent use to decode all the others. And that PIN needs the matrix - useless on its own.

So is that less insecure do you think? I'm serious - I hope my logic isn't faulty.

Ned · Sep 10, 2008

It's insecure in that you have to write down the matrix, and if the master PIN is compromised, then all the other PINs are as well. The purpose of the PIN in the two factor authentication system is that it's never written down, thus can't be compromised. Since a PIN is only 4 digits, it would not be difficult to attack the matrix and once one PIN was validated, all the others would be too. It's the written record that makes your scheme insecure.

macmac · Sep 10, 2008

Ned said:
It's insecure in that you have to write down the matrix, and if the master PIN is compromised, then all the other PINs are as well. The purpose of the PIN in the two factor authentication system is that it's never written down, thus can't be compromised. Since a PIN is only 4 digits, it would not be difficult to attack the matrix and once one PIN was validated, all the others would be too. It's the written record that makes your scheme insecure.

good points. I'll have to re-think this....

papahog · Sep 10, 2008

I would guess I am not nearly as worried about this as I should be. I use one pin for most everything with a change for different accounts. Easy to remember. However I have a bunch to remember. Passwords, pin numbers, account numbers etc etc. So it is all wrote down on a pad in my safe for when I cannot remember.

Lariat Trucker · Oct 6, 2008

We had an unusual thing happen this past weekend. The Private Campground we stayed at had Wireless so I decided to link up and check e-mail.

For some unknown reason my laptop would not allow me to use Internet Explorer even though I was connected to the Wireless. I went in and looked at my security software and found that it had blocked the connection due to some security problem. My neighbor at the Campground was from Michigan and said it has become quite a problem at campgrounds close to interstates. Hackers go into the wireless systems and watch the activity of the users! Not just Campgrounds but Hotels and Truck Stops are being hacked into. I found several references to this problem on the internet. It has changed my use habits on open wireless systems.

papahog · Oct 6, 2008

Wireless Card for my laptop. Always on where cell service is possible, secure and its mine. $60 a month is cheap for the peace of mind I get.

macmac · Oct 6, 2008

macmac said:
good points. I'll have to re-think this....

I have thought further about this but can't see how I can devise a simple system, which is any more secure and which I can keep at hand to deal with the many PINs I use. (without needing a computer etc)

I need something which allows me to look up any of several PINs which I use for day to day financial activity. I use them on a regular basis, those most often used I can remember more readily. But my memory is simply not up to remembering all of them.

If I write them down, and the list is compromised, the security of all the cards is compromised.

If I have them recorded as at present, a master PIN is needed to be able to read them. I agree that if the Master PIN is found out all the rest become available, but it's one step less insecure than the above.

What do others do in a similar situation?

Tom · Oct 6, 2008

Keith,

Taking a cue from forum member Terry Brewer, I put all my passwords and PINs on a thumb drive (aka jump drive). They're encrypted and are accessed by software on my PC which requires a master password that is only in my head. If I lose the laptop, the passwords aren't on it. If I lose the thumb drive, the software isn't on it to access the passwords. If lose both together, the master password doesn't reside on either. IIRC Terry has his thumb drive on a chain around his neck.

If I need to access a secure site and can't recall the respective password, I pop the thumb drive into a USB port, fire up the application, and enter the master password. I can then either read the PW or copy it to the clipboard and paste into the login form. I define how long the password stays on the clipboard.

macmac · Oct 6, 2008

Tom said:
Keith,

Taking a cue from forum member Terry Brewer, I put all my passwords and PINs on a thumb drive (aka jump drive). They're encrypted and are accessed by software on my PC which requires a master password that is only in my head. If I lose the laptop, the passwords aren't on it. If I lose the thumb drive, the software isn't on it to access the passwords. If lose both together, the master password doesn't reside on either. IIRC Terry has his thumb drive on a chain around his neck.

If I need to access a secure site and can't recall the respective password, I pop the thumb drive into a USB port, fire up the application, and enter the master password. I can then either read the PW or copy it to the clipboard and paste into the login form. I define how long the password stays on the clipboard.

Hi Tom

Yes that's a good idea for online use but no good if you're trying to use your card at a merchant's for example or if you're away from your computer.

For the life of me I can't see how I can do anything other than to have a written record as I presently have.

Keith

papahog · Oct 6, 2008

One nice thing about being broke. I can not get hurt very bad if the worse happens.

:-\

Tom · Oct 6, 2008

Good point Keith. Might have to limit yourself to internet shopping.

Used to be I could memorize a phone book, but that ability started slipping some time ago. Now I have a hard time remembering my neighbor's house number, and have no clue what the registration numbers of our cars are. OTOH I can still recall useless things like my NHS number and my BSC employee and clock numbers, which I haven't used in 30 and 40 years respectively. Maybe I should use them as PIN numbers.

Tim Lassen · Feb 8, 2009

Anything I do online or in person usually doesn't require that I provide a pin number unless I am transferring funds from one bank to another which is usually online. I rarely use a bank card. If I remember correctly bank cards are same as cash, so not necessarily protected by the card company. I keep pin numbers and all other passwords, etc. on a thumb drive which I keep in a small fireproof safe that sets near my desk or when traveling in a smaller fireproof safe. The info is on a spreadsheet with a password that some may be able to get around but Marsha can't so I am safe..tim

macmac · Feb 8, 2009

Tim Lassen said:
Anything I do online or in person usually doesn't require that I provide a pin number unless I am transferring funds from one bank to another which is usually online. I rarely use a bank card. If I remember correctly bank cards are same as cash, so not necessarily protected by the card company. I keep pin numbers and all other passwords, etc. on a thumb drive which I keep in a small fireproof safe that sets near my desk or when traveling in a smaller fireproof safe. The info is on a spreadsheet with a password that some may be able to get around but Marsha can't so I am safe..tim

Be thankful that Chip and PIN, as used in our homeland UK, isn't in use in North America extensively. But your time may well be coming

We had to use a PIN when making transactions in Canada 2007 - they already have card readers in use - at least in the places we visited...

At home we routinely use PINs for all on-the-spot transactions, debit and credit alike - we don't use a signature any longer. The next procedure will be having to use home mini-card readers online. Ours is due to be delivered to our home late March so that will be one more thing we have to learn to use when accessing our bank accounts or buying goods. How that will work when we're trying to access our UK accounts from the USA we just don't know.

Watch this space.

Tim Lassen · Feb 9, 2009

Full body and eye scans are probably next..tim

Identity Theft

Well-known member

Well-known member

Well-known member

Well-known member

Moderator Emeritus

Site Team

Well-known member

Moderator Emeritus

Well-known member

Well-known member

Member

Well-known member

Well-known member

Administrator

Well-known member

Well-known member

Administrator

Well-known member

Well-known member

Well-known member

Forum statistics