bigfoot12
Member of DD Central
Posts: 1,817
Likes: 816
|
Post by bigfoot12 on Nov 11, 2014 17:28:47 GMT
Hi bigfoot12I've always been wary of asking my computers to remember any of my passwords, except for non money handling sites, just in case of machines being stolen or hacked into, not even with password manager software. Paranoid? I don't know. I share your concern. Unfortunately I don't think that there is a good answer. Using a password manager (PM) you can encrypt your passwords with a long password, so if your PC is stolen by the time they decrypt them you will have had time to change them. Also you can use very long passwords and change them every 3 months if you want which will keep some people happy. You can also make sure that every password you use is different. Using a PM is more convenient than writing everything down, which I still do with some sites. Perhaps the PM will have bugs or be hacked - I don't know what is best.
|
|
baz657
Member of DD Central
Posts: 500
Likes: 189
|
Post by baz657 on Nov 11, 2014 18:03:31 GMT
Even logging onto the MOT testing system is a pain... 5 minute log outs, change of passwords at least every three months with a minimum of 8 characters, one of which must be a number. These are the minimums we have to use on just a totally closed (non-internet based and therefore non-hackable) system.
Just like not being able to leave your front doors unlocked, etc etc, it's the world we live in today. It's a pain but for the sake of your security (and possibly keeping hold of your cash in the process) is a few extra keystrokes every 15 minutes or so too much to bear?
|
|
ramblin rose
Member of DD Central
“Some people grumble that roses have thorns; I am grateful that thorns have roses.” — Alphonse Karr
Posts: 1,370
Likes: 857
|
Post by ramblin rose on Nov 11, 2014 18:24:01 GMT
Just like not being able to leave your front doors unlocked, etc etc, it's the world we live in today. Totally off-topic, but you've just made me re-live my most horrible 5 minutes of this year, on the evening of 10th Sept  . I had rushed out very early in the morning to mastermind my mother's house move and was due to spend the night over there, but had to pop back to pick something up at about 7:30pm. I arrived to find my front door wide open and had the obvious sickening feeling instantly. I walked in to find everything as normal (in particular the office right by the front door with computers, files full of financial account info etc) and realised that not only must it have been me who left the door wide open the entire day, but either nobody had been in, or if they had, they didn't want anything  For un-related reasons I've been looking up the crime figures in this not-exactly-salubrious neighbourhood today and they aren't pretty! But the many passers-by that go through to the public footpath a few doors down obviously thought there was someone around either just on their way in, or just on their way out, so didn't bother trying to help themselves. Makes me wonder if I'm not a little too paranoid about security most of the time, and that what I think of as a nest of vipers just might be safer than I think.
|
|
star dust
Member of DD Central
Posts: 2,998
Likes: 3,531
|
Post by star dust on Nov 11, 2014 19:28:52 GMT
Or perhaps they thought there was a burglar already inside  . Sometimes we worry too much, but I think you got lucky! My back door has been left ajar for an afternoon before, but the worst thing I've done is leave my car totally unlocked for two whole days! And I live in London! Yet on another occasion many years beforehand I came out to find the wheels stolen and the car on bricks - locking wheel nuts didn't come as standard then. Luck of the draw, but all my cars since have had requisite anti- theft devices, even though I like to leave them unlocked occasionally .
|
|
niceguy37
Member of DD Central
Posts: 504 
Likes: 254
|
Post by niceguy37 on Nov 11, 2014 23:10:49 GMT
I'm being instantly logged out so the problem is still current at 23:10pm.
|
|
Bagman
Member of DD Central
Posts: 209
Likes: 131
|
Post by Bagman on Nov 12, 2014 1:54:38 GMT
I am also being logged out instantly with this message.
"You have been logged out due to a period of inactivity, redirecting ..."
|
|
gnasher
Member of DD Central
Posts: 207
Likes: 146
|
Post by gnasher on Nov 12, 2014 5:29:37 GMT
I was logged out within 5 secs of logging in, with the above message ...
On the subject of password managers, life would just not be possible without one IMHO. Making all your passwords the same is a much higher risk, remembering lots of different long and complicated ones and changing them regularly is impossible. As for writing them down and leaving them handy by your computer, ..... well that seems barking mad. Loosing your PC and an easily read list of all your passwords to the same thief would be a nightmare situation. Loosing a PC with lots of encrypted passwords on it looks pretty secure in comparison. The chance of your average thief decrypting your passwords, or knowing a man who can, seems much the lowest risk of all the above.
|
|
|
|
Post by oldnick on Nov 12, 2014 6:47:04 GMT
chris why don't you default to the 5 mins or whatever and allow the users to change it if they wish. Ratesetter has that facility. Just because another platform does something we can't assume that this is acceptable practice - RS use the word saver in many places, for example, whereas we've had a letter from the FCA saying not to use that word or describe P2P as a method of saving money. Making it user configurable isn't as easy as setting a global value, several services would need to be made aware of this and look up the user's preference on each request in order to refresh the session for the correct time. It's likely to come, although I need to run it past our compliance officer, but it's going to be weeks not days before we get to that. what about my time out warning. Could it be audible be even whilst dallying on another tab?, (which is when it would be most useful).
|
|
TFTO
Member of DD Central
Posts: 143
Likes: 71
|
Post by TFTO on Nov 12, 2014 7:15:36 GMT
Same problem with being logged out. Occasionally get a couple of minutes but more often it is instant.
|
|
pikestaff
Member of DD Central
Posts: 2,187
Likes: 1,546
|
Post by pikestaff on Nov 12, 2014 8:06:35 GMT
At approx 7:55 this morning I was thrown out immediately on first login.
I logged back in from the window that said something like "you have been logged out for a period of inactivity", and so far all has been well.
|
|
|
|
Post by phoenix on Nov 12, 2014 9:02:03 GMT
On the subject of password managers, life would just not be possible without one IMHO. Making all your passwords the same is a much higher risk, remembering lots of different long and complicated ones and changing them regularly is impossible. As for writing them down and leaving them handy by your computer, ..... well that seems barking mad. Loosing your PC and an easily read list of all your passwords to the same thief would be a nightmare situation. Loosing a PC with lots of encrypted passwords on it looks pretty secure in comparison. The chance of your average thief decrypting your passwords, or knowing a man who can, seems much the lowest risk of all the above. Couldn't agree more. I've used KeePass for a few years now, it's handy for all sorts of personal info as well as username/password combos, lives in Dropbox so always available and up to date on all devices, I just have to remember one password, admittedly somewhat long and complicated, but a mnemonic helps a lot.
|
|
TFTO
Member of DD Central
Posts: 143
Likes: 71
|
Post by TFTO on Nov 12, 2014 9:12:28 GMT
Logged in and it logged me out after 5 mins. Can we please have this fixed it's a PITA.
|
|
bg
Member of DD Central
Posts: 1,368
Likes: 1,929
|
Post by bg on Nov 12, 2014 9:26:14 GMT
It's logging me out after a couple of minutes every time I log in.
|
|
|
|
Post by baronwomble on Nov 12, 2014 9:26:27 GMT
Yes, I'm also being logged out. Same problem when using either IE or Chrome, so most likely a server side issue.
|
|
bigfoot12
Member of DD Central
Posts: 1,817
Likes: 816
|
Post by bigfoot12 on Nov 12, 2014 9:36:22 GMT
When people say logged out, do you mean it is saying you are logged out or are you actually logged out. I get the pop-up message after a minute or so, but after 30 seconds or so it goes away and I can click on dashboard in the top right hand corner and I am still logged in.
|
|
. I had rushed out very early in the morning to mastermind my mother's house move and was due to spend the night over there, but had to pop back to pick something up at about 7:30pm. I arrived to find my front door wide open and had the obvious sickening feeling instantly. I walked in to find everything as normal (in particular the office right by the front door with computers, files full of financial account info etc) and realised that not only must it have been me who left the door wide open the entire day, but either nobody had been in, or if they had, they didn't want anything 
For un-related reasons I've been looking up the crime figures in this not-exactly-salubrious neighbourhood today and they aren't pretty! But the many passers-by that go through to the public footpath a few doors down obviously thought there was someone around either just on their way in, or just on their way out, so didn't bother trying to help themselves. Makes me wonder if I'm not a little too paranoid about security most of the time, and that what I think of as a nest of vipers just might be safer than I think.
. Sometimes we worry too much, but I think you got lucky!
