Comments on: Are you giving away your login details for all your accounts? https://www.90percentofeverything.com/2007/02/23/are-you-giving-away-your-login-details-for-all-your-accounts/ User Experience Design, Research & Good Old Fashioned Usability Sat, 25 Aug 2012 16:21:25 +0000 hourly 1 By: Garrett https://www.90percentofeverything.com/2007/02/23/are-you-giving-away-your-login-details-for-all-your-accounts/#comment-3412 Mon, 16 Apr 2007 04:41:01 +0000 http://www.90percentofeverything.com/2007/02/23/are-you-giving-away-your-login-details-for-all-your-accounts/#comment-3412 s negligence. When I heard this story, I was preparing to go out of town. My laptop was making the trip of course, and this story made me feel a lot less secure about signing into the hotel’s network, even with my own computer. I read and re-read the terms and legalities before accepting them when I signed in (something I usually quickly run through). I didn’t dare sign into any bank accounts. While I know that the internet mimics the world we live in, it takes on a whole new meaning when you become a little too relaxed and make careless mistakes that could cost you everything!! We should never stop asking “what if” and take the same precautions with the computer that we take in other areas of our lives to keep ourselves safe.]]> I had the same attitude as Sam regarding internet security until a couple of weeks ago when I saw a news program discussing a different twist on this same theme. An international ring of hackers had planted software on some hotel computers available for public use. This software recorded every keystroke made on these computers. Apparently lots of people check bank accounts online while out of town. They were wiping out the life savings of unsuspecting victims. Some of the larger banks were reimbursing their clients but a couple of credit unions and banks issued statements that they would not reimburse since this was due to the customer’s negligence.

When I heard this story, I was preparing to go out of town. My laptop was making the trip of course, and this story made me feel a lot less secure about signing into the hotel’s network, even with my own computer. I read and re-read the terms and legalities before accepting them when I signed in (something I usually quickly run through). I didn’t dare sign into any bank accounts. While I know that the internet mimics the world we live in, it takes on a whole new meaning when you become a little too relaxed and make careless mistakes that could cost you everything!! We should never stop asking “what if” and take the same precautions with the computer that we take in other areas of our lives to keep ourselves safe.

]]>
By: Sam https://www.90percentofeverything.com/2007/02/23/are-you-giving-away-your-login-details-for-all-your-accounts/#comment-1301 Tue, 27 Feb 2007 18:16:31 +0000 http://www.90percentofeverything.com/2007/02/23/are-you-giving-away-your-login-details-for-all-your-accounts/#comment-1301 For the programmers of these websites, it takes one simple line of code to store your password in plain text or have it emailed somewhere.

Furthermore, unless the website is using SSL, your password is being sent in plain text anyway, and can be easily sniffed on the local network, and even on the open internet.

I have designed login portals where users’ passwords were stored or sent to me in plain text for debugging purposes, but that code was removed (not just commented out) on production systems.

This ultimately comes down to trusting other Humans.

The internet is an inherently insecure place, just as the world is inherantly dirty and diseased. However, this doesn’t prevent you from going out in public, using the restroom, and eating in public restaurants. We just trust in a general societal set of best practices. We wash our hands, we clean our bathrooms and kitchens. We trust that other people will be good enough to protect us.

Having a website which stores bad passwords is the equivalent of having someone who purposefully sneezes on your burger, then laughs as he watches you eat it.

]]>