h2g2 The Hitchhiker's Guide to the Galaxy: Earth Edition

I've never found anybody going through my post etc but I'm nervous when it comes to throwing out receipts. I don't know whether you can recycle/throw them if torn into bits or put them in the fire. I never do online banking it sounds frightening and I guess thus should be frightened of getting things with all my information on through the post in case somebody opens it up.

Know the feeling. I'm a bit nervous of online banking, though I'm on ebay and have bought some stuff from a couple of other websites like Amazon.

Think one thing that reassures me is that sites like Amazon are big and so want to ensure and reassure that customers details won't get pinched. Don't think it'd do their reputations any good to have every other customer's bank details easily accessed by anyone. And they should be able to afford the best security software.

Know what you mean bout things in the post though. I've never thrown out a bank astatement or payslip or anything just in case. Though I'd like to think that there are far more people who havn't had details stolen than there are those who have.

Simple things can be done to protect yourself though that doesn't help if the government can't keep your details safe.
Shred anything that has your name and address details on,including envelopes before throwing away or re-cycling.
If disposing of old credit/debit/store cards or payment cards don't just cut in half, cut through the magnetic strip and hologram and dispose of in separate bins so they can't be put back together and copied.
Online banking is a lot safer now than ever before. My access code changes everytime I log in and I change the password every month as well.
Change all passwords you use regularly, even if by just 1 letter or number. That way IF there's a spy bot on your pc trying to get a pattern of keys tapped, a way spy bots get data, then by changing stuff regularly doesn't allow enough time for a pattern to form.
Banks and building societies never e-mail asking for confirmation of details so don't respond to any mails asking for this no matter how real they look.
Just a few ways, simple but affective.
This latest diaster with data discs lost frankly is being over blown somewhat. ID fraud has been going on for so long professional crims don't need a data base like that anyway. You'll be shocked and amazed what you can find on the net if you really look as well as in public libraries, council registers etc.
Be vigilant yes, paranoid? no.

Good points. Would be a bit daft to throw your bank statement into the bin without shredding it and seperating it out a bit.

Though I've always wondered just how far to go with shredding envelopes. Like can someone do something with a handwritten envelope like the one you'd send a Christmas card in. I can see that a letter from your bank with your address, account details and stuff like that can be perfect for fraud.

"Though I've always wondered just how far to go with shredding envelopes. Like can someone do something with a handwritten envelope like the one you'd send a Christmas card in."

It might have corroborative details that could flesh out an identity for somebody who's building your profile: for instance, if they've put an "in case of problems" return address on the back, it's a useful snippet of info that says you have a friend/relative living in Leeds, for instance. (if the surname is the same as yours, most likely a relative: and handwriting offers broad clues as to age group, ie you can tell a teenager's handwriting style from an OAP's)

Ok, it's only incidental detail, but good if the con might involve personal contact and a bit of bluff: and the more incidental detail like this which you make avilable, the morel ikely it is that a skilled bluffer could, for instance, work out your "secret question" to be used in case of doubt, or your computer password, for instance. (most people, in my experience, are STILL woefully transparent when it comes to passwords: I enjoy cracking them for my workmates... as a for instance, one guy I know is onto amateur musicals, so it isn't too difficult to suss that his password to all systems is the name of a musical where the local press gave him a rave review)

I'd shred the envelopes, if these circs applied.

My patented method of keeping people's hands off my shredded and unshredded documentation is to put them in the bin and then empty the cats litter box on 'em. I tell you, that would put off ANY skank trying to steal my identity!!

Well I'm sure the cat litter's a great deterent!

One pet hate of mine definately is when people are so unimaginative with their password and use "password". That'd be the first thing I'd try!! Apparently here in N. Ireland there are lots of people (in certain areas I believe) who use "1690" as their PIN. (There was a big uprising thing then.)

I remember hearing that lots of people store their PIN in their mobile phone too, so all you need is their card and their phone.

I can virtually guarantee access to about 3/4 of Muslim newsagents and grocers in Britain that use a PIN for their security systems. Most of them use the chapter and verse number for a particular bit of the Koran. When I was servicing EPOS terminals, I would need their PIN to make changes. I would usually say "Is your PIN ****?" and laugh at the shocked reactions. They wouldn't change it though

I always thought that most identity theft now didn't occur as a result of people goign through people bins The online banking which I've started recently is so secure it often takes me several attempts to get in to my account Can't say I've ever shreded a document before putting it in the bin, cept for distroying old credit card/bank cards, but most of my bank statements are retained in the house in files Only time I've had money fraudently taken from me was by someone who at the time I thought to be a friend, and the only other experiance was a relative who had a couple of grand taken on their credit cards where the transactions eventually lead to a forign country, and that is someone who does shred everything and who hans't even ever made a purchase online

One girl I work with had heard that passwords should be alphanumeric, to make them dificult to break... so far so good, but she then used the password structure (for eg) 13OCT67, which happened to be her own birthday... an older co-worker who has been happily married for nearly forty years got the idea, but then used her husband's name as password.. a Scottish co-worker uses GLASGOW, as it's her city of birth... so know the person, guess the password... (my current password presumes knowledge of quite a specialist area, so even if you knew my interests, you'd still need to go into one fairly rarefied sub-area of study, in a language which is not English, to even get an inkling...)

My passwords vary, some are the molecular weights of certain molecules but actually there not any that I particualrly worked on during my studies, just ones I remember others are pretty random colelctions of numbers and letters a few are probably a bit silly simple ones, not quite 123456 but not far off, and they're useually the ones for stuff that doens't matter and sites/internet things where there isn't any personal or bank details on, my online banking takes I think about three passwords/codes to get in and its set so it asks you not* for th ewhole of the passwords, but for a few random letters/numbers from the password; I guess this is to try beat the auto typeing detecting malware spiware stuff Heck, even my Hootoo password is 9 digets long, and a mixture of numbers and letters

I now have so many ing passwords that I keep having to rejoin sites as I can never get back in (or remember which email addy I used to sign up with)

I shred everything with my name and address on - especially envelopes.

It all sounds so absolutely crazy.

True that it *can* help to know the person and figure out their password as their b'day or whatever, but ewven then you've lots to choose from. Like b'day, anniversary etc spelt or numbers or both, name of husband/kids/maiden name etc. Or I've heard of ones that are like "pa55word".

Or "pa$$word". Or in one memorable case, "88888888" (think about it).

Oh dear.....

I'd still like to kill my lodger for the password he used on our wireless home network

Dare we ask??

Its got a lot of zeros and 1's in it

Flip me! Binary!!

I tend to use modifications (add a number stuff) to simple words which I can remember by association, then I record the association. eg. if my password were M0untain I might write "Jul1e" as the association. FYI this is not one of my passwords, I just made it up on the spot using eight characters, upper and lower case, including one number, which is a pretty standard ruleset.
Unfortunately I need multiple passwords for work at any point in time, each of which expire on a different frequency, and each of which have better memories as to what passwords I have used in the past than I do. Plus all the non-work pc type ones, then the bankish ones, then there's the pin to unlock the front door, then,then,then,then.

Lets make a short list (without looking anything up) ...
hotmail
bigpond
notes
internet
intranet
mainframe
phone
event log
bank pin
ccard pin
telconference (personal)
teleconference (team)
other event log
building access
pc windows
pc powerup
pc hard drive
ccard telephony pin
building access "but I've forgotten my card" pin
mobile phone

Thanks goodness they don't all have the same security that the office front door does; that needs my badge and my fingerprint. Although I don't need to remember my fingerprint (as long as I remember my finger (:-&gt

I remeber someone onse talking about "basic security" - something you know, and "better security" - something you have and something you know, but the best is (like fingerprints) something you are.

I remember my boss once used the licence number of his new car as his password - every morning for two weeks would see him arrive at the office, get ready to start work, then off he would run to the car park to refresh his memory.