Jump to content
ensconced

***NOT A DEAL 'JRR Shop news' NOT A DEAL***

Recommended Posts

Never use the same password on more than one site.  Seriously.  Yes it's painful, so get a password manager (or use the browser stuff).  For every site generate a new random password.   The two together (different passwords everywhere and password not humanly generated) you can avoid a lot of issues. 

If you use the same password on more than one site and your password is something in the dictionary (or on the list of top 100 used passwords) and you will get hacked a lot.   No matter how great the site encrypts your password, if your password isn't crazy random it will be decrypted in no time.

For anything relating to money I'd recommend adding some sort of 2 factor authentication as well.

  • Like 3

Share this post


Link to post
Share on other sites

Getting a new credit card (number) issued on a semi-regular basis (like annually) is more effective than trying to keep accounts straight, passwords changed, etc. Anyone who doesn't get a monthly CC payment from you have ZERO reason to keep any CC information. Most CC companies will issue a new card number (same account, just different card information) upon request (or just tell them your card is damaged and want a new card/number). Especially in this day in age when you create an account and make a one-off purchase, there is no reason for that CC information to stay active until its expiration date (especially for those that love "doesn't expire till 2040").

Someone hacking a site and stealing your account/digital purchases is another matter, but there is no reason to leave CC information active indefinitely.

  • Like 1

Share this post


Link to post
Share on other sites
Posted (edited)
27 minutes ago, mettelus said:

Getting a new credit card (number) issued on a semi-regular basis (like annually) is more effective than trying to keep accounts straight, passwords changed, etc. Anyone who doesn't get a monthly CC payment from you have ZERO reason to keep any CC information. Most CC companies will issue a new card number (same account, just different card information) upon request (or just tell them your card is damaged and want a new card/number). Especially in this day in age when you create an account and make a one-off purchase, there is no reason for that CC information to stay active until its expiration date (especially for those that love "doesn't expire till 2040").

Someone hacking a site and stealing your account/digital purchases is another matter, but there is no reason to leave CC information active indefinitely.

Good idea as well. I have done this. It reduces the chances .  Doesn't hurt to change them periodically, especially if you just used the card in a situation where there was a possibility it could have been compromised., such as travel.

I had one of my cards hacked. It probably wasn't done online. Before COVID we were staying in a  distant motel. They always get your CC info. We think it happened then. New card issued. No worries.  They were clever ( so they thought) by trying to get a 3.00 item to see if it would go through. Then they went to a 300.00 item. We had made the phone call before they were able to get the larger amount.

Edited by Starise

Share this post


Link to post
Share on other sites
19 minutes ago, Starise said:

Good idea as well. I have done this. It reduces the chances .  Doesn't hurt to change them periodically, especially if you just used the card in a situation where there was a possibility it could have been compromised., such as travel.

I had one of my cards hacked. It probably wasn't done online. Before COVID we were staying in a  distant motel. They always get your CC info. We think it happened then. New card issued. No worries.  They were clever ( so they thought) by trying to get a 3.00 item to see if it would go through. Then they went to a 300.00 item. We had made the phone call before they were able to get the larger amount.

I had a credit card get caught up in 2 major breaches. Both times the issuer cancelled my card and issued a new number. A 3rd time someone used my card for a low dollar amount to see if it would go through. Called right away, cancelled and renewed, and the transaction was quickly backed out.

The bigger risk IMHO, is when you use a debit card for an online (or anything besides the ATM machine) transaction. The hacker now has access to YOUR bank account!

It would be a more stressful process to get the bank to give you your money back. Especially if bills are due!

When a credit card gets hacked, it is the banks money that gets stolen. So they have more incentive to deal with the problem quickly. It's still an account in your name with the potential to affect your credit rating if not dealt with promptly, but in my experience most banks are willing to offer 'no risk' credit card fraud options.

 

Share this post


Link to post
Share on other sites

The password manager is a great idea but how does work if I sometimes use either my three computers or my phone to make purchases?

Share this post


Link to post
Share on other sites
6 minutes ago, abacab said:

I had a credit card get caught up in 2 major breaches. Both times the issuer cancelled my card and issued a new number. A 3rd time someone used my card for a low dollar amount to see if it would go through. Called right away, cancelled and renewed, and the transaction was quickly backed out.

The bigger risk IMHO, is when you use a debit card for an online (or anything besides the ATM machine) transaction. The hacker now has access to YOUR bank account!

It would be a more stressful process to get the bank to give you your money back. Especially if bills are due!

When a credit card gets hacked, it is the banks money that gets stolen. So they have more incentive to deal with the problem quickly. It's still an account in your name with the potential to affect your credit rating if not dealt with promptly, but in my experience most banks are willing to offer 'no risk' credit card fraud options.

 

Good points. I seldom use my debit card. This is for different reasons though. I have been coerced into using a Disney credit card that gives discounts to see Mickey Mouse. Yeah I know. A shame I can't apply points to plugin boutique.

7 minutes ago, Bapu said:

The password manager is a great idea but how does work if I sometimes use either my three computers or my phone to make purchases?

You use Google?

Google knows all :D

Share this post


Link to post
Share on other sites
34 minutes ago, Bapu said:

The password manager is a great idea but how does work if I sometimes use either my three computers or my phone to make purchases?

I use Keepass on everything and sync my encrypted password file using Google Drive.  So the file is kept updated on all my computers and phones and tablets.  I think most normal people just use a password manager that lives in the cloud.  But I've been doing the shared Keepass thing for a very long time and have been loath to change.  I also let Firefox and Chrome keep accounts/passwords to make logging in easier, but I keep master copies in Keepass.

I like the fact that each entry can have comments and notes, so I record all those silly questions sites love to add to identify you.  Plus pins and anything else.

Of course if you can get my password file and brute force the password you would have everything.  But I don't think anyone has the computational power to do that right now.  At least not with my current password.

Share this post


Link to post
Share on other sites

I know this - as an IT guy, I've seen enough red flags for me to avoid JRRShop now.

  • Like 1

Share this post


Link to post
Share on other sites
4 hours ago, Bapu said:

The password manager is a great idea but how does work if I sometimes use either my three computers or my phone to make purchases?

One idea, as Matthew suggested, would be to use a cloud based one. LastPass often comes recommended, though there are others too.

https://www.lastpass.com/

Another word of advice is to think before using the one that might come with your antivirus package - it's probably very good and safe, but if you ever change your A/V, migrating passwords is going to be a pain

  • Like 1

Share this post


Link to post
Share on other sites

If you end up using 2FA, check out Authy:

https://authy.com/

Some 2FA apps are tied to a single phone, meaning if you lose it, you're stuck. Authy lets you create an account, which you can share with multiple devices.

Share this post


Link to post
Share on other sites

Google's recent update to their authenticator lets you export your 2 factor keys to another machine.  You aren't stuck anymore with it.

Share this post


Link to post
Share on other sites
23 hours ago, husker said:

I know this - as an IT guy, I've seen enough red flags for me to avoid JRRShop now.

This is exactly what I am thinking too.

 

On 8/4/2020 at 10:43 AM, Bapu said:

The password manager is a great idea but how does work if I sometimes use either my three computers or my phone to make purchases?

I use LastPass for quite a few years now. They keep the software updated and add new features fairly often. It is also has an Android app that seamlessly lets me use it on my S10. It stays sync'd across all my PC's and cell phone. It also has a family feature that allows a family to use the same software with different profiles and passwords. I really like it. 

Share this post


Link to post
Share on other sites

I'll be looking at LastPass. Played with KeePass. Didn't warm to it immediately.

Share this post


Link to post
Share on other sites
5 minutes ago, Fleer said:

Pass

Gas?

  • Haha 1

Share this post


Link to post
Share on other sites
2 minutes ago, Bapu said:

Gas?

Oh yeah. They just threw fertilizer on the fields around my house. Man. 

Share this post


Link to post
Share on other sites
15 minutes ago, Fleer said:

Pass

 

10 minutes ago, Bapu said:

Gas?

 

At my age this is a regular thing!! : )

 

 

 

 

 

Was that TMI?

  • Haha 2

Share this post


Link to post
Share on other sites
17 minutes ago, Fleer said:

Oh yeah. They just threw fertilizer on the fields around my house. Man. 

Strawberry Fields Forever?

  • Sad 1

Share this post


Link to post
Share on other sites

Forgot to mention: Authy also has a Windows desktop app, and a Chrome extension you can use if you want (in addition to your mobile); you aren't limited to only phones

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×
×
  • Create New...