Securing Personal Information: Smart phone

gjacobse

This morning I took my sun to the doctor - nothing serious thankfully. But in the process I needed to have his and my wife's SSN, something I don't have memorized.

So it's not stored in plain text, how would you store this information in your smart phone? Or is it better on paper?

Opinions?

Dashrender

I'd store it in Lastpass in a secure note.

Minion Queen

another vote for Lastpass

gjacobse

Concerns with cross platform? I've used KeePass in the past, and there is a iPhone equivalent. I just have to drop the file on dropbox to connect to it.

Dashrender

Lastpass has a version to install on Windows desktops/Laptops/tablets and Windows Phone and IOS and Android - so you're covered.

All copies are synced through Lastpass's cloud

coliver

@Dashrender said:

Lastpass has a version to install on Windows desktops/Laptops/tablets and Windows Phone and IOS and Android - so you're covered.

All copies are synced through Lastpass's cloud

All notes/passwords are decrypted on the device and are stored encrypted on the cloud with a very strong key. So you should be set there too.

gjacobse

I've heard and seen a good deal about LastPass - but I'm a tad leary of creating yet another account somewhere... Email, cloud, Amazon, this that,.. In some regard - I'm trying to reduce some of my digital footprint.

Not against it,.. they have a strong reputation.

scottalanmiller

@g.jacobse said:

This morning I took my sun to the doctor

Did it have a fever?

Was it seeing stars?

Was it a bit gassy?

Was its plasma healthy?

Did it get sick from too much corona?

Was it spewing more than normal?

I could go on like this all day.

scottalanmiller

Check out Keypass. Although for things like this, we just use our family wiki. It is a MediaWiki wiki and secured on our own server and encrypted via SSL. @dominica and I love it. We keep all of our important info there and a lot of trivial stuff too. From bank account info to a guide to what we packed in which packing boxes.

gjacobse

@scottalanmiller said:

@g.jacobse said:

This morning I took my sun to the doctor

Well - he is a bright spot of my day....

@scottalanmiller said:

Check out Keypass. Although for things like this, we just use our family wiki. It is a MediaWiki wiki and secured on our own server and encrypted via SSL. @dominica and I love it. We keep all of our important info there and a lot of trivial stuff too. From bank account info to a guide to what we packed in which packing boxes.

I have Keypass on the desktop / laptop. but there isn't a KeYpass for iOS. it's MiniKeepass. I can drop the file into my DropBox account and pull it from there and use the same database.

Any concerns with that process - dropping the db in to a cloud storage location - Yes,..I admit,..Just a tad bit on the paranoid side...

scottalanmiller

DB on cloud storage is normally fine. We've tested the same using Sharepoint as the storage for a KeyPass DB.

For me, being less paranoid, I would just keep my data on OneNote in OneDrive or something similar. Evernote or whatever.

thanksajdotcom

LastPass gets my vote

Dashrender

@scottalanmiller said:

DB on cloud storage is normally fine. We've tested the same using Sharepoint as the storage for a KeyPass DB.

For me, being less paranoid, I would just keep my data on OneNote in OneDrive or something similar. Evernote or whatever.

I take it you trust the encryption on OneNote?

scottalanmiller

@Dashrender said:

I take it you trust the encryption on OneNote?

OneNote itself doesn't encrypt anything. I don't really need that data encrypted at rest as I'm not storing it anywhere that I am worried about.

Carnival Boy

SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

I tend to store numbers as a normal made-up contact on my Hotmail account. The contact name will give me a clue as to what the number refers to, and I might write the number backwards or have some other crafty way of writing it that only I can interpret correctly. Basically doing my own kind of encryption. So I might have a made-up contact called Sue Smith - her initials SS referring to Social Security.

gjacobse

@Carnival-Boy said:

SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

I tend to store numbers as a normal made-up contact on my Hotmail account. The contact name will give me a clue as to what the number refers to, and I might write the number backwards or have some other crafty way of writing it that only I can interpret correctly. Basically doing my own kind of encryption. So I might have a made-up contact called Sue Smith - her initials SS referring to Social Security.

Yes - SSN = Social Security Number

There is a pretty decent drive in the last year or so to safe guard private information due to the high number of SCAMs, and pirating. All you need a the SSN, Name and little else and you can really ruin a person.

The security conference I was at last week, the Detective on a FBI task force asked us how many of us pull credit reports on ourselves to check for isses,.. then asked how many of us pull them on our children.

He stated that if we have children over the age of about 13, we should be pulling one every year to monitor it. He's dealt with several families where the child turns 18 (legal age) and finds out he has had a credit card, electric bill for 5 or more years and his credit is destroyed....

scottalanmiller

@Carnival-Boy said:

SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

It's not supposed to be sensitive. It's not a legal ID but a lot of monopolies that control your life in the US (the credit agencies being the only important ones) use it inappropriately as an identifier. So getting a hold of someone's SSN allows them to impersonate you.

Yes, the US actually has that as a problem. Mind boggling, I know.

scottalanmiller

@g.jacobse said:

He stated that if we have children over the age of about 13, we should be pulling one every year to monitor it. He's dealt with several families where the child turns 18 (legal age) and finds out he has had a credit card, electric bill for 5 or more years and his credit is destroyed....

Just need a good lawyer for that. A credit agency illegally collecting data on a minor is a crime. They don't have any right to do so. You just have to be willing to go after them for damages. As with everything in the US, nothing is a crime unless the victim can afford a good lawyer.

Reid Cooper

It's horrible how social security numbers are abused in the US. Until the government decides to protect the people from identity predators by completely stopping the use of SSNs as IDs by third parties it will continue unabated. There is no incentive for the companies doing so to collect legitimate data.

Dashrender

@scottalanmiller said:

@Carnival-Boy said:

SSN = Social Security Number, right? Like our National Insurance number in the UK. Is that so sensitive that you have to encrypt it on your phone?

It's not supposed to be sensitive. It's not a legal ID but a lot of monopolies that control your life in the US (the credit agencies being the only important ones) use it inappropriately as an identifier. So getting a hold of someone's SSN allows them to impersonate you.

Yes, the US actually has that as a problem. Mind boggling, I know.

Off topic I know, but how would you solve this? Even if the Credit companies all decided to assign you a unique number, how would it be any safer than a SSN?