how can you verify that the site you get is not a fake?
Joel Jaeggli
joelja at darkwing.uoregon.edu
Mon Jun 6 17:40:29 UTC 2005
On Mon, 6 Jun 2005, Robin Laing wrote:
>
> In my case, if it is really a place that I need security (bank), it is a
> phone call. My online bank will only allow 3 mistake logins within a short
> time and then it requires a phone call to get the access opened.
>
> If I get a password by email, I change it on the first new login.
>
> The odds of a single email sniffed is pretty low in my opinion. And if you
> are on the ball, you request the password when you will receive it and
> hopefully act before the sniffer can even go through the data.
Some banks in europe will hand you a sheet of one-time passwords to be
used in order in the event that other mechanisms fail or are
inappropriate.
> This is an interesting thought. When one bank that we used changed from UNIX
> to Windows servers, the passwords became case insensitive and would not
> accept some characters. We raised this with the bank and they didn't seem to
> concerned.
>
>
--
--------------------------------------------------------------------------
Joel Jaeggli Unix Consulting joelja at darkwing.uoregon.edu
GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2
More information about the fedora-list
mailing list