People on various forums were arguing about the morality or whatever of Windows 10 gathering information on its users. My credit union changed to a system by a different company which included all of their online banking. They were closed Aug. 28 at 5 pm (all systems closed) until September 1 at normal opening hours. When the new system was installed you were given a password that actually had a set of digits from your social, and the user name was your account #. I was working at entering a new user name and password and got hung up somewhere. Yesterday I called one of the branches and pretended to be me. Because I sounded similar to me and knew the account #, the teller that answered the phone gave me both my new user name and my current password. I could have been anyone. My point is that at some point you are trusting people to keep your information safe.

The greatest flaw in current online security practices IMHO is that businesses are trying to give the impression of increased security when all they are actually doing is making things awkward. If you make it too easy or too difficult for people to use security practices, people do silly things like, in the case of your credit union, "helping" customers by providing info that should not be provided or, in the case of the user, writing things down on a slip of paper and sticking it to the monitor, using the name of your dog plus your wedding anniversary and so forth.

Security can be easy and reliable but, good security practices don't look "sparkly". My favorite thing to hate is folks who force me to use a certain password format. Simply tell me what a good format is BUT, let me make the choice as to what to use. I make good choices. If the guy next door does not, let him take responsibility for that. Don't force me to choose a format I will never remember simply because my neighbor is lazy.

Rant off :D

I also think the reason the majority of this is happening is because of the data they are gathering on us as consumers. It's my personal preference that you don't know anything about my transaction. I don't want any special discount cards, I don't want any promotions, just give me the best price you can and if I accept it, then I accept it and we have a deal. The fact that you think you need to gather the fact that I bought a Coke on a hot day and do something with it, or sell that data to the highest bidder is what's causing the issue. If you weren't storing my data, then there's nothing for anyone to steal. I understand places like hospitals and doctors need to do that, but I don't think Target needs to do that to sell me a Coke. If you would just sell me the Coke, the transaction would essentially be between me and the bank that clears your transactions. Instead, you get in the middle of it and that's where the problem arises.

If they weren't gathering the data, then there wouldn't be anything to steal. You'd have banks and hospitals as the two places that would NEED that data and NEED to be secure.

People on various forums were arguing about the morality or whatever of Windows 10 gathering information on its users. My credit union changed to a system by a different company which included all of their online banking. They were closed Aug. 28 at 5 pm (all systems closed) until September 1 at normal opening hours. When the new system was installed you were given a password that actually had a set of digits from your social, and the user name was your account #. I was working at entering a new user name and password and got hung up somewhere. Yesterday I called one of the branches and pretended to be me. Because I sounded similar to me and knew the account #, the teller that answered the phone gave me both my new user name and my current password. I could have been anyone. My point is that at some point you are trusting people to keep your information safe.

IMHO there is no such thing as complete information security. There will always be someone who can exploit a weakness i n the system and as you mentioned there is the human factor. Those who decide that Moses Yoder's financial and life history must be known then it will happen. For every safeguard there is a workaround. Keven Mitnick wrote a book on this. We have no real security for personal information. Information is bought and sold and is a commodity. anyone who believes otherwise that information is a private thing is a fool.

Yesterday I...pretended to be me.

I do that everyday of my life. ;)

I was at a Ford dealer maybe a decade ago talking to them about a vehicle. The desk had a computer monitor with the bezel completely covered with Post-It notes listing usernames and passwords for the various systems they needed to access. Real secure.