Personal Finance

Banking solutions with weak passwords

  • Last Updated:
  • Oct 3rd, 2014 10:53 am
Tags:
None
Deal Fanatic
Mar 24, 2008
5614 posts
1713 upvotes
Toronto
dvdguy wrote:
Oct 2nd, 2014 7:23 am
Meh... passwords are typically stolen from Keylogging programs. Long stupid passwords actually stick out to the thief.
You can't steal a million username passwords with key loggers.
Sr. Member
Jan 25, 2007
925 posts
58 upvotes
If your password is "stolen" doesn't matter strong or weak it is.
Deal Fanatic
Jun 17, 2013
5120 posts
1489 upvotes
Montreal
ksgill wrote:
Oct 2nd, 2014 8:09 am
You can't steal a million username passwords with key loggers.
you could steal a billion...there is nothing stopping you.
Deal Fanatic
Mar 24, 2008
5614 posts
1713 upvotes
Toronto
neverhaveiever wrote:
Oct 2nd, 2014 9:28 am
you could steal a billion...there is nothing stopping you.
Key loggers are to be installed on machines that users will use to connect to bank websites. Good luck installing key loggers on a billion machines.
Deal Fanatic
Jun 17, 2013
5120 posts
1489 upvotes
Montreal
ksgill wrote:
Oct 2nd, 2014 10:06 am
Key loggers are to be installed on machines that users will use to connect to bank websites. Good luck installing key loggers on a billion machines.
You clearly have zero clue about the issue at hand. The fact that you think you need to install a key logger on a billion machines, to get a billion passwords, tells me you are clueless in the matter. . . or ignorant.
Deal Fanatic
Mar 24, 2008
5614 posts
1713 upvotes
Toronto
neverhaveiever wrote:
Oct 2nd, 2014 10:33 am
You clearly have zero clue about the issue at hand. The fact that you think you need to install a key logger on a billion machines, to get a billion passwords, tells me you are clueless in the matter. . . or ignorant.
No, I am specifically addressing the idea that "billions" of passwords can be stolen using key loggers. You'd have to dupe these people into installing malicious software that'll record(and transmit) key presses, correct? One would think that hacking into servers to steal mass information would be a bigger threat, but hey what do I know?
Deal Fanatic
Jun 17, 2013
5120 posts
1489 upvotes
Montreal
ksgill wrote:
Oct 2nd, 2014 11:42 am
No, I am specifically addressing the idea that "billions" of passwords can be stolen using key loggers. You'd have to dupe these people into installing malicious software that'll record(and transmit) key presses, correct? One would think that hacking into servers to steal mass information would be a bigger threat, but hey what do I know?
Key loggers have been used in the past to break into databases. Pretty sure that's how the eBay security breach happened IIRC.

You don't need to dupe anyone. You could load the software on public computers if the public computer has garbage security

Plenty of people download software on torrents. Most disable anti virus to install as the key gen tool is usually detected by a virus software. Once one computer has a logger, it can get many passwords. For example, I've had many people ask to use my laptop to check their bank... more common during a party.

There are also a ton of people who download game hacks which are disguised key loggers. These get downloaded many times. Like my party example, if someone has an infected computer one computer can gain multiple passwords before discovery.


But hey, what do I know as a programmer analyst who deals with security often ;)
Deal Fanatic
Mar 24, 2008
5614 posts
1713 upvotes
Toronto
^ sure, I didn't say it's not possible but you deserve to have your login/password compromised if you:

1) Use public computers to access your banking/financial information.
2) Install software downloaded from torrents on the same machine as the one you use to access your banking information.

But I agree, as a "programmer analyst", your d**k is bigger than mine. :lol:
Sr. Member
Jan 25, 2007
925 posts
58 upvotes
The point is changing your password into a "Icelandic fjord" once a week will do nothing to protect you. And for business... it's just keeps IT folks looking busy while costing billions in wasted time.
Member
Mar 25, 2010
239 posts
43 upvotes
I actually hate when I am forced to choose a password with special characters. Unless you password is super easy to guess, this is a non issue. Gives you a false sense of security. Passwords are usually stolen by keyloggers, or someone tries to "bruteforce" their way into your account, using a long list of random passwords. However, most banks, if not all, have a system in place where if you fail 3 times, the account is locked and you have to call them. There's no one out there trying to guess your password

My company also has this annoying feature where they make you change passwords every 3 months. It's really useless, as we all just add a letter to the one we got. Plus, if someone wanted to hack you, they would have already had time by the time you are required to change it
Newbie
Jun 12, 2014
31 posts
4 upvotes
New Tecumseth
If banks had an option of sending an email saying each time you logged into your account online, I'd be happy with that. That wouldn't cost them much would it?

Top