Securing Personal Information: Smart phone
-
Concerns with cross platform? I've used KeePass in the past, and there is a iPhone equivalent. I just have to drop the file on dropbox to connect to it.
-
Lastpass has a version to install on Windows desktops/Laptops/tablets and Windows Phone and IOS and Android - so you're covered.
All copies are synced through Lastpass's cloud
-
@Dashrender said:
Lastpass has a version to install on Windows desktops/Laptops/tablets and Windows Phone and IOS and Android - so you're covered.
All copies are synced through Lastpass's cloud
All notes/passwords are decrypted on the device and are stored encrypted on the cloud with a very strong key. So you should be set there too.
-
I've heard and seen a good deal about LastPass - but I'm a tad leary of creating yet another account somewhere... Email, cloud, Amazon, this that,.. In some regard - I'm trying to reduce some of my digital footprint.
Not against it,.. they have a strong reputation.
-
@g.jacobse said:
This morning I took my sun to the doctor
Did it have a fever?
Was it seeing stars?
Was it a bit gassy?
Was its plasma healthy?
Did it get sick from too much corona?
Was it spewing more than normal?
I could go on like this all day.
-
Check out Keypass. Although for things like this, we just use our family wiki. It is a MediaWiki wiki and secured on our own server and encrypted via SSL. @dominica and I love it. We keep all of our important info there and a lot of trivial stuff too. From bank account info to a guide to what we packed in which packing boxes.
-
@scottalanmiller said:
@g.jacobse said:
This morning I took my sun to the doctor
Well - he is a bright spot of my day....
@scottalanmiller said:
Check out Keypass. Although for things like this, we just use our family wiki. It is a MediaWiki wiki and secured on our own server and encrypted via SSL. @dominica and I love it. We keep all of our important info there and a lot of trivial stuff too. From bank account info to a guide to what we packed in which packing boxes.
I have Keypass on the desktop / laptop. but there isn't a KeYpass for iOS. it's MiniKeepass. I can drop the file into my DropBox account and pull it from there and use the same database.
Any concerns with that process - dropping the db in to a cloud storage location - Yes,..I admit,..Just a tad bit on the paranoid side...
-
DB on cloud storage is normally fine. We've tested the same using Sharepoint as the storage for a KeyPass DB.
For me, being less paranoid, I would just keep my data on OneNote in OneDrive or something similar. Evernote or whatever.
-
LastPass gets my vote
-
@scottalanmiller said:
DB on cloud storage is normally fine. We've tested the same using Sharepoint as the storage for a KeyPass DB.
For me, being less paranoid, I would just keep my data on OneNote in OneDrive or something similar. Evernote or whatever.
I take it you trust the encryption on OneNote?
-
@Dashrender said:
I take it you trust the encryption on OneNote?
OneNote itself doesn't encrypt anything. I don't really need that data encrypted at rest as I'm not storing it anywhere that I am worried about.
-
SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?
I tend to store numbers as a normal made-up contact on my Hotmail account. The contact name will give me a clue as to what the number refers to, and I might write the number backwards or have some other crafty way of writing it that only I can interpret correctly. Basically doing my own kind of encryption. So I might have a made-up contact called Sue Smith - her initials SS referring to Social Security.
-
@Carnival-Boy said:
SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?
I tend to store numbers as a normal made-up contact on my Hotmail account. The contact name will give me a clue as to what the number refers to, and I might write the number backwards or have some other crafty way of writing it that only I can interpret correctly. Basically doing my own kind of encryption. So I might have a made-up contact called Sue Smith - her initials SS referring to Social Security.
Yes - SSN = Social Security Number
There is a pretty decent drive in the last year or so to safe guard private information due to the high number of SCAMs, and pirating. All you need a the SSN, Name and little else and you can really ruin a person.
The security conference I was at last week, the Detective on a FBI task force asked us how many of us pull credit reports on ourselves to check for isses,.. then asked how many of us pull them on our children.
He stated that if we have children over the age of about 13, we should be pulling one every year to monitor it. He's dealt with several families where the child turns 18 (legal age) and finds out he has had a credit card, electric bill for 5 or more years and his credit is destroyed....
-
@Carnival-Boy said:
SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?
It's not supposed to be sensitive. It's not a legal ID but a lot of monopolies that control your life in the US (the credit agencies being the only important ones) use it inappropriately as an identifier. So getting a hold of someone's SSN allows them to impersonate you.
Yes, the US actually has that as a problem. Mind boggling, I know.
-
@g.jacobse said:
He stated that if we have children over the age of about 13, we should be pulling one every year to monitor it. He's dealt with several families where the child turns 18 (legal age) and finds out he has had a credit card, electric bill for 5 or more years and his credit is destroyed....
Just need a good lawyer for that. A credit agency illegally collecting data on a minor is a crime. They don't have any right to do so. You just have to be willing to go after them for damages. As with everything in the US, nothing is a crime unless the victim can afford a good lawyer.
-
It's horrible how social security numbers are abused in the US. Until the government decides to protect the people from identity predators by completely stopping the use of SSNs as IDs by third parties it will continue unabated. There is no incentive for the companies doing so to collect legitimate data.
-
@scottalanmiller said:
@Carnival-Boy said:
SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?
It's not supposed to be sensitive. It's not a legal ID but a lot of monopolies that control your life in the US (the credit agencies being the only important ones) use it inappropriately as an identifier. So getting a hold of someone's SSN allows them to impersonate you.
Yes, the US actually has that as a problem. Mind boggling, I know.
Off topic I know, but how would you solve this? Even if the Credit companies all decided to assign you a unique number, how would it be any safer than a SSN?
-
@Reid-Cooper said:
It's horrible how social security numbers are abused in the US. Until the government decides to protect the people from identity predators by completely stopping the use of SSNs as IDs by third parties it will continue unabated. There is no incentive for the companies doing so to collect legitimate data.
But again, all this does is shift it from a government issued number to a privately issued one, how is that any safer?
-
@Dashrender said:
Off topic I know, but how would you solve this? Even if the Credit companies all decided to assign you a unique number, how would it be any safer than a SSN?
Because it would be THEIR number to protect and not a public number needed by you and for you for nearly everything that you do. Your SSN is not an ID, is not unique, is not protected, is not secret, cannot be changed and is needed for a massive array over everyday things. It is used as a password, not an identifier in many cases.
Nearly everyone who stores information about you stores it privately. Credit agencies are unique in that they collect data not connected to you and tie it to you by something that is not an ID.
-
Back on the original topic (because I was not here for a couple days)...
@g.jacobse mentions reducing accounts.. You cannot reduce accounts. You need to expand them.
Reducing accounts means tying more services to fewer accounts. That is the opposite of what you want to be doing.
You want all services to be unique accounts unrelated to each other. In theory you would have a different email for all of them, but that is going overboard.
Each service should never be linked to a Google account or Facebook account, etc. You should be signing up to each service directly using their internal account creation system with a unique password on each system.
Then use LastPass or KeyPass to handle all of the account authentication.
KeyPass is much less useful and the work it takes to make it as useful as LastPass is not worth the investment of time. LastPass is $12/year to gain access to the mobile app.