Password Strength

[vienna]

Quote:

Originally Posted by Rockstar

I do, but I don't use words found in any dictionary. Just random use of no less than a combination of 12 (more the better) letters, special characters and numbers with a 2FA or two step verification. If your credit/debit cards get compromised its usually because people just aren't paying attention or save them in an online retailer provided wallet. Rather than attack individuals hackers will hack through a retailers security to get your and a lot of others information. I also shop online but never save credit card numbers as retailers try to convince us 'for your convenience'.


Should add too, my bank allows me to freeze and unfreeze my card between use. I also set up alerts and receive a text every time a card is used for a purchase by me or anyone, very convenient. That and I only browse using HTTPS only mode helps too.

Well, the gist of this thread has suddenly become relevant to me. I subscribe to a service the USPS offers where they email me a scan of any mail they process for my address; I usually use this to decide if I'll bother to go and retrieve my mail from the mailbox or leave it for a bit, sort of 'if its junk mail, it can wait'; last Friday, the scan showed a piece of junk mail and a letter from the insurer who administers my Medicare/Medi-Cal health insurance coverage; I thought it was just another of the monthly summaries of what was expended by the plan on my behalf, some thing which does not normally require me t respond in any way, so I left it there in the box; Saturday, the scan showed no new mail, so I also left the box untouched; yesterday night, Sunday, on the way home, I took the mail from my mailbox, but did not open it; today. I opened what I expected to be the usual monthly summary form the insurance company and found out I was being notified there had been a breach of patient records and that my data was part of the breach; the insurance company stated the breach had been a hack of a third -party service they contracted with to provide interface between the various entities involved in my coverage; so far, it seems the extent of the data is minimal and will not necessarily affect me financially; the insurer also stated they had terminated the third-party service (Duh!!) and offered me one year of cyber-security coverage for free for continued monitoring of any of my other accounts; like not a few of the others on this forum, I also have had a dim view of putting out too much info of websites and also have kept any financial dealings down to a very bare minimum (I don't even have credit cards), so I really doubt I am currently at much risk, but the incident does underscore just how tenuous the security of our data really is and how, even though one might have a degree of confidence in the security efforts of the entities we primarily deal with, we really have little to no knowledge of, or control over, the third-party contractor with whom they do business or with whom they contract and allow to access our data...







<O>