Knowing the site is a fake or not ? Bank switching to windows ?
Robin Laing
Robin.Laing at drdc-rddc.gc.ca
Tue Jun 7 14:29:30 UTC 2005
Thomas Taylor wrote:
> On Monday 06 June 2005 12:39, James T. Carver wrote:
>
>>On Monday 06 June 2005 10:57 am, fedora-list-request at redhat.com wrote:
>>
>>>On Mon, 6 Jun 2005, Robin Laing wrote:
>>>
>>>>In my case, if it is really a place that I need security (bank), it is
>>>>a phone call. My online bank will only allow 3 mistake logins within a
>>>>short time and then it requires a phone call to get the access opened.
>>>>
>>>>If I get a password by email, I change it on the first new login.
>>>>
>>>>The odds of a single email sniffed is pretty low in my opinion. And if
>>>>you are on the ball, you request the password when you will receive it
>>>>and hopefully act before the sniffer can even go through the data.
>>>
>>>Some banks in europe will hand you a sheet of one-time passwords to be
>>>used in order in the event that other mechanisms fail or are
>>>inappropriate.
>>>
>>>
>>>>This is an interesting thought. When one bank that we used changed
>>>>from UNIX to Windows servers, the passwords became case insensitive and
>>>>would not accept some characters. We raised this with the bank and
>>>>they didn't seem to concerned.
>>>
>>>--
>>
>>Just knowing that the bank switched from linux/unix to windows makes me
>>leary of doing business with that bank to begin with. even with the latest
>>and greatest from$icrosoft there are so many holes you could drive a truck
>>through them. If the bank wouldn't let you use case senstive and other
>>character passwords it just make cracking that bank easier so I sure would
>>take my money and put it into a different bank.
>>
>>James
>
>
> Is someone willing to name the bank and possibly help us avoid a risky
> experience?
>
> Tom
This was some time ago. I was the TD bank in Canada. I would have to
confirm that this is still the case.
I don't deal with them now and I haven't for years. The bank I deal
with supports Firefox but not Mozilla. If you set some of the
security features, you cannot download your statement due to pop-ups.
I use Mozilla and it is great. On logout they actually tell you to
clear your cache and/or shut down your browser to clear any tokens.
--
Robin Laing
More information about the fedora-list
mailing list