[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: security: still on my mind
- To: http://www.vermont.gov/~flora. (Flora E ), http://www.state.vt.us/~Flora. (Flora E ), http://profiles.yahoo.com/Flora (Flora E ), http://www.gmail.com/~flora (Flora E )
- Subject: Re: security: still on my mind
- From: Robert <http://dummy.us.eu.org/robert>
- Date: Mon, 09 May 2016 07:13:37 -0700
- Cc: Noelle <http://dummy.us.eu.org/noelleg>
- Keywords: ifile: nonspam -1605.12875652 spam -1756.98615026 downloaded -2353.19699669 ---------
> From: Flora <http://www.gmail.com/~flora>
> Date: Sun, 8 May 2016 20:30:38 -0400
>
> I'm still thinking about security. Do you know how to get around not
> revealing my box to online shopping companies?
Sure.
Note that the zipcode for my box is different than the zipcode for our
home address. This may or may not be the case for you. If they are the
same, the below may or may not work for you.
Here's what I do:
1) Use your home address. The credit card companies primarily use the
zipcode for verification. This doesn't always work, so you'll have to
do #2.
2) Selectively misspell your home address but use the zipcode of your PO
Box. The reason this is necessary is that some sites "correct" the
zipcode by looking up the address, and this will override whatever
zipcode you use. So, modifying the address slightly will do it. For
example, instead of "County Road", use, say, "Country Road".
> If I have already used my
> box online, do you think that I should open a different box?
If you feel like it has been permanently compromised, yes. But, if it's
only a small group of companies, then I wouldn't worry about it.
> Also, do
> you think password managers are safe?
Generally, yes. The keys here are:
1) Make sure your anti-virus software is always up-to-date. That would
be the easiest way to get into your password manager or get around
your password manager by, say, using the keylogger.
2) Make sure any back-ups you have are encrypted. This is being extra
paranoid since almost all password managers themselves use encryption.
(I actually don't do this and thus depend upon the password manager
for its own security. There are various reasons I don't do this.)
3) Have a good password that you don't use elsewhere.
For #3, I use a utility on Linux which tries to crack my password to make
sure I have good password. (It's the cracklib-runtime package.) There may
be something equivalent on Windows -- Alex may know how to find it.