July 21st, 2004, 07:55 AM
This is just a thing that happened to me today, I thought it was funny and sad at the same time.
I went to Commerce bank to open a new checking account, the woman that helped me was the lead teller. She lectured me on the need to keep my account numbers secret for security purposes and told me all about the rampant identity fraud and how easy it is for hackers to steal account info. and how the bank will help me and my account be safe......
Then she tells me that I can log on to the internet and access my checking account.....
I asked her how you can do that?....She say's I'll Show you.....
She brought up the bank web page, and let me come around the desk so she could show me how easy it was.... and ..........
ENTERED HER USER NAME AND PASSWORD!!!!!!!!!!!!
WHILE I WAS LOOKING OVER HER SHOULDER!!!!!!!!
to top it off she only had a 4 letter password!
I spent the next 10 minutes leturing her on passwords, security and stupidity...
I really hope that she listened and changed her password.
Has anyone else had an experience like this?
You can\'t squeeze cheese from a goat before it\'s hatched.............
July 21st, 2004, 08:13 AM
I have experienced lots of similar incidents. More often, there are just people who really think you dont know how to do things. They tend to teach you a thing or two and yet they forget that what they're doing contradicts to what they are teaching. Then again, since it seems you know more than her, its like a moral responsibility to teach her or "guide" her. In most banks though, customer service representatives and other bank staff teach you things that they were not really thought well to them... Can't blame them. They're just doing their job. Just be morally upright and do your part in making the world secured of hacking...
cheers! welcome to AO
If your curious, your probably interested.
July 21st, 2004, 08:27 AM
Registered: Dec 2001
LOL, i think the welcome is kinda late
Come on, we all were stupid once, and still are in some areas, that why we teach each other !
July 21st, 2004, 09:43 AM
thats 100 % right NemorY thx ... i think that what AO is all about teaching each other ,helping each other to get better ...and u guys doing a great job here
Come on, we all were stupid once, and still are in some areas
Remembered that if you are intending that hurts, steals, hates other people it is natural that they will meet you by the proverb.......
July 21st, 2004, 09:57 AM
once when I sneezed a piece of rice came out my nose. does that count ?
July 21st, 2004, 01:00 PM
Yea, but I managed to sneeze corn out one time... I was lauging really hard while eating and it went up into my nose and then I sneezed really hard and it was stuck, so then it made me sneeze again and it flew out covered in snot.
<--Best hardware/gaming news out there--|
<--Gamers will love this one
Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.
July 21st, 2004, 01:40 PM
I had a user log in and he had only a 3 letter password. What's even worse is I said I know your password and he thought I was a liar. When I told him his password he was "amazed". Kinda funny when hitting 3 buttons to log into his e-mail was easy to follow and he thought he was "secure". What makes this even more hilarious is that he still to this day has the same password. Well, I guess security is not for the terminally stupid....
July 21st, 2004, 01:52 PM
One of the tasks I have been involved with is the installation of a certain Aussi Bank EFT-POS terminals (which Bank?), these are normaly for small and some medium busineses. The terminals come with a default Password.. And is supposed to be changed by the client as the last step during the installation.. Note I said "supposed to be"...
The Client is warned that this should be changed once a month, "or atleast after staff changes" cough (just because the bank turns over staff that quick)
Going back to a site several months later.. I found the system still had the default password.. I changed my practice to entering the old password for the people THEN handing them the terminal to enter the new password..
The terminal suppliers changed the firmware to prevent the client using certain weak passwords.. that was fine ... but the ppl still insisited on using the default.. (it was easy to remember as it was written on the side of the terminal) bugger.. can't deface the terminal.. simple.. pick a random number ( a caculator handy toy) enter the new password BEFORE leaving for the site.. hehe cunning?... nooo.. they liked the look of the number on the terminal..
Ring bank.. as them to advise the Terminal manufacturer to ALso lock out the TErminals Serial Number or stop printing the number in nice bold digits especially the LAST SIX ...
Training the client to use the terminal is normaly 5 to 10 mins, Bank related ****, 15 mins, security lessons 45mins.. and only 5 mins of the whole session sinks in .. and it is usually the time spent asking the Bank related questions..
And security in a Bank..
I was left ALONE in the teller bay, at a local branch, for over 4 mins while doing a terminal swap over..oh and while the tellers were doing a note reconcilliation (counting the bills) .. As soon as I knew I was alone.. I immediatly stood clear of the desk and moved to the center of the room.. I expressed my opinion on the security, signed out from the site..
Security: When the cost of the loss exceeds the pain of change..people become serious
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
July 21st, 2004, 02:02 PM
Technically the terminally stupid are really rather secure. Simply because they don't have anything anyone wants....
Well, I guess security is not for the terminally stupid....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
July 21st, 2004, 02:20 PM
In my organization there is a well-known password form for the users, which is similar to the username, they suppose to chaing the password once thier accounts are activated. The most interesting bit is, so many users and staff did not even bother to change thier passwords, althought they have always been the warner and lecturer to change our passwords. I have reached to one ceratin reality "Stupidity Is Endless".