Go Back  Fodor's Travel Talk Forums > Destinations > Europe
Reload this Page >

Remember to log out if you let someone else use your PC

Remember to log out if you let someone else use your PC

Sep 15th, 2006, 01:02 AM
  #1  
Original Poster
 
Join Date: Dec 2005
Posts: 432
Remember to log out if you let someone else use your PC

Just a friendly note to all that as you all probably know, one you are logged into Fodors forum, you remain logged in even if you switch off your PC. I let a friend use my PC to post her trip report as she was having some problems with our guest PC, and I forgot to log-off, so the post came through from me, creating some confusion and embarrasment, especially when I indignantly replied to people thinking it was me posting under another name - I didn't see my name on top of the post!
Sampaguita is offline  
Sep 15th, 2006, 05:38 AM
  #2  
Neopolitan
Guest
 
Posts: n/a
This is a very good point, and especially should be remembered when visiting an internet cafe.
Several years ago I used one several times at a stay in Paris. One day I signed on to a computer, went to bankofamerica, and my name and account instantly came up showing balances, etc. I had used that same computer and had not logged off that site. They have since changed the way their site works and that can't happen any more. But I also have logged onto Fodors at an internet cafe and been welcomed as another poster.
 
Sep 15th, 2006, 05:54 AM
  #3  
 
Join Date: Jun 2004
Posts: 19,000
You used a public computer to access financial information?

That's highly insecure. An invisible "keystroke logger" program can record your user name and password whether you log out, flush cookies, or reboot the machine.

Not recommended.
Robespierre is offline  
Sep 15th, 2006, 06:03 AM
  #4  
Neopolitan
Guest
 
Posts: n/a
Yes, I know. But I've been doing if for 12 years now. There aren't many other options when traveling for up to 5 months at a time in Europe without your own computer.
While "I've never had a problem" may not be a good answer, it's the best I can give.
 
Sep 15th, 2006, 06:38 AM
  #5  
 
Join Date: Aug 2004
Posts: 4,608
that's why most (all?) british banks never ask your whole PW at one time. you will be asked for char 2, 5 and 8 for example (constantly changing combination of chars). it is a pain but it provides at least some level of security against this problem.

i don't believe very many, if any north american banks do this but i might be wrong. don't know about the continent.
walkinaround is offline  
Sep 15th, 2006, 07:10 AM
  #6  
 
Join Date: Mar 2004
Posts: 545
Regarding entering passwords on 'public' computers: One can escape the keystroke-logging trap with a little bit of advance prep.

First, before you leave home, send an email to yourself at an email account you'll be able to access anywhere -- Yahoo, for instance, or Hotmail. In this message, include any passwords you'll want to use in your travels. Also, embed the actual password in a string of meaningless letters.

For example, if my password to my Bankamerica online account were "fritzl", I would send an email to myself containing the phrase "1xq5zfritzrl62blexusmall9vtg'.

To use the password an an internet cafe, I'd first go to my email on, say, Yahoo, and bring up my password message. I would then highlight carefully the 'fritzrl' from the string of letters (above), then copy them with a cntl+c command.

I'd then go to the Bankamerica website, enter my userid in the normal way, then 'paste' with cntl+v the string of letters I'd just copied into the 'password' field. With that, I've just entered my password without ever actually typing it, and the BofA website should 'mask' it in the usual way so it can't be viewed.

As has been noted, do remember to log out of any account before leaving the public PC. It also helps to go do a "clear history" before shutting down the browser. That function is usually buried in the tools/options menu.

Fritzrl
fritzrl is offline  
Sep 15th, 2006, 09:02 AM
  #7  
 
Join Date: Jun 2004
Posts: 19,000
That technique is so obvious that there are certain to be loggers that also compromise the Clipboard. As soon as you Ctrl-C, your password is in Belarus.

Hackers with criminal intent probably outnumber security programming specialists by thousands to one.

My advice: don't use public computers to access sensitive financial data. Period.
Robespierre is offline  
Sep 15th, 2006, 09:16 AM
  #8  
 
Join Date: Aug 2003
Posts: 8,862
ING direct is more advanced than most when it comes to online access of your account. The login screen matches letters with numbers, but you must type the letters in to gain access to your account. I assume the letters change constantly.

There're also other features, but I've not had the occasion to use them as it recognizes my computer's IP so that bypass those features.

But then ING is a Dutch bank.

It's too bad their savings rates are no longer competitive.
111op is offline  
Sep 15th, 2006, 09:21 AM
  #9  
 
Join Date: May 2005
Posts: 19,881
< ING direct is more advanced than most >

Not in the UK it ain't, all you have to know is your customer number, TYPE in selected numbers from your PIN then enter a memorable date.

Nationwide is slightly better as instead of typing in your PIN you select numbers from a drop down menu.

The biggest problem BTW that I have is remembering what PIN / date / customer ID goes with what website. In the past 2 months I've had to reset my Nationwide account 3 times - mainly because I don't often go into it.

So how do other Fodorites remember a range of numbers / facts / figures?
alanRow is offline  
Sep 15th, 2006, 09:25 AM
  #10  
 
Join Date: May 2005
Posts: 19,881
Oh & their UK interest rates are competitive.
alanRow is offline  
Sep 15th, 2006, 09:26 AM
  #11  
 
Join Date: Aug 2003
Posts: 8,862
I don't know the UK interface -- but it does seem outdated (I bank in the US).

ING security feature:

https://home.ingdirect.com/privacy/p...ecurityfeature

I try to recycle PINs and passwords and login IDs. I write my customer ID for ING on a small sheet of paper.

But I doubt I'll need it anymore, as I've transferred most of my money out of that account. As I mentioned, their rates aren't competitive, so why bother.

I also discovered that I need to keep a notebook to write down a cornucopia of random facts & tidbits that I just can't recall sometimes. I guess when I age the memory goes.
111op is offline  
Sep 15th, 2006, 09:28 AM
  #12  
 
Join Date: Aug 2003
Posts: 8,862
Sorry to have hijacked someone else's thread, but what's the UK rate these days?

ING is offering 4.35% for money market in the US, but it's quite easy to get 5% these days (for example, at HSBC direct or Citibank). Even the 6-month CD at ING (5%) is not competitive -- Citibank offers 5.5%.
111op is offline  
Sep 15th, 2006, 09:31 AM
  #13  
 
Join Date: Jun 2004
Posts: 19,000
"...it recognizes my computer's IP so that bypass those features."

Boy, I hope not. Check out http://en.wikipedia.org/wiki/IP_address_spoofing and get back to us.
Robespierre is offline  
Sep 15th, 2006, 09:35 AM
  #14  
 
Join Date: Jan 2003
Posts: 2,330
A real problem with computer security is complexity. The more numbers, special characters, upper case, lower case requirements in a password, the more likely the password is written down easily breaching security.

At least 1 out of 5 people where I work have their password written in their top desk drawer. How's that for security?

I have a 5 letter, offbeat "base" password I use. When I write it down I substitute the word "usual". My password list has a lot of "usual1" "usual123" "usual2#4" stuff written on it.

I can lose my password list and not worry much. It would be very unlikely for anyone to guess my "base" password which is written nowhere on anything I own.
indytravel is offline  
Sep 15th, 2006, 09:43 AM
  #15  
 
Join Date: Aug 2003
Posts: 8,862
I didn't read the link, but logically, if I go to a random internet cafe in Paris, how would the thief know the IP address of the computer where I usually access my ING account? Even if it knows that somehow, there will be other security features the thief needs to bypass.

In any case, I point out the ING features, but I'm not claiming they're foolproof. I'm claiming that they're more sophisticated than most. And I don't access my bank accounts at internet cafes when I travel. I've never been away that long to need to attend to financial affairs when I'm away -- beyond accessing the ATM or calling my bank to say that I've lost the card. That does seem to happen quite often. Too bad.
111op is offline  
Sep 15th, 2006, 10:03 AM
  #16  
Neopolitan
Guest
 
Posts: n/a
Things I've done traveling that are a bigger risk than using public computers:

I've never bought travel insurance.
I've bungee jumped in New Zealand.
I've flown on Olympic Airways in Greece.
I've carried my wallet in my pants pocket and have never used a money belt.
I've used ATMs without shielding the screen.
I've walked back to my hotel or apartment without checking to see if I was being followed.
I frequently send my credit card number by email.
I have sent cash in the mail.
I leave my passport in my hotel room or apartment. (along with laptop, camera, and various other things).
I've given my name, address, and email to total strangers I've met on trains or boats.
I've walked alone in many cities of Europe after dark -- sometimes in "seedy" areas.
I've let my credit card get out of sight by a waiter or service worker.
I've left my passport with hotel clerks over night.
I've stood on the edge of countless mountains to have my picture taken or look over the edge.
I always drink the tap water.

Hmmm. Now that I think about, I guess I really live on the edge.
 
Sep 15th, 2006, 10:24 AM
  #17  
 
Join Date: Jun 2004
Posts: 19,000
See also: Steve Irwin.

Got away with risky behavior for years.
Robespierre is offline  
Sep 15th, 2006, 11:46 AM
  #18  
 
Join Date: Mar 2004
Posts: 545
All of life is a risk, my opinion. I view the concept of "safety" as a myth, myself, similar to concepts like "job security" or "financially secure retirement".

Steve Irwin probably took the risks he did because he viewed the risk of being impaled, chewed up, gored, trampled, drowned or poisoned as more personally acceptable to him than the risks of boredom, anonymity or joblessness. Not my risk-evaluation picture, but something like it must have been his. But, like almost everybody, I do similar risk assessments all the time: when booking an airline ticket, or when climbing behind the wheel for my daily commute, or even just taking a walk in the park.

So, here's the scenario: I'm sitting at an EasyInternet terminal in Berlin, with the intent to log in online to transfer some money into my checking account, before I use my ATM card to withdraw some Euros. I'm accepting numerous risks at that point all the way from suffocation on the cigarette smoke around me, to getting a troublesome infection from the scuzzy keyboard, to alerting some keystroke logging app to capture my password. But they're all more acceptable to me than the risks associated with sleeping on the sidewalk that night and doing without dinner.

Besides, I've taken reasonable precautions beforehand to mitigate the impact of any of those risks, including packing anti-bacterial gel and checking into my bank's policies on unauthorized withdrawals. Therefore I proceed with one set of admittedly risky behaviors in order to avoid having to endure unacceptable risks later.

Perhaps the cut/paste technique is not an ironclad risk-free solution, but it is a mitigation with a greater chance of success than taking no measures at all.

Fritzrl
fritzrl is offline  
Sep 15th, 2006, 01:41 PM
  #19  
Neopolitan
Guest
 
Posts: n/a
I don't get the Steve Irwin connection. If he had been killed by a crocodile that would be one thing, but he was scuba diving in a "non hostile" situation. Accidents happen. If he had been hit by a car and killed would you still be suggesting it was his "risky behaviour" that caught up with him?

So go back to my list. I could have spent the last 15 heavy travel years NOT doing any of those things. But guess what. I wouldn't have enjoyed myself nearly so much. Having to spend 24 hours a day taking every imagineable precaution just isn't my way of doing things, and I don't intend to start now.
So if someone gets my account number, it will cause some confusion and some minor problems and time-consuming corrections. But overall I'm protected from major catastrophy to my bank account.
 
Sep 15th, 2006, 01:57 PM
  #20  
 
Join Date: Apr 2004
Posts: 5,950
You call that living on the edge? Heck, I CHECK MY BAGS AT THE AIRPORT.
Carrybean is offline  

Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy -

FODOR'S VIDEO

All times are GMT -8. The time now is 09:42 PM.