Tip of the Week:
    Note the following interesting tidbit in the Deposit Account Agreement for Chase Bank...

​    JPMorgan Chase Bank, N.A., Member FDIC
​    Deposit Account Agreement –  Electronic Funds Transfer Service - 
Terms - Notice of your Rights and Liabilities


    Replace #3 of,
    “For business accounts only:
     You agree” with the following:

    3.  That by allowing anyone to use your Card, or by failing to exercise ordinary care (such as storing your PIN with your card or
    selecting your birthday as your PIN), you will be responsible for all authorized and unauthorized transactions.

    So you think all is swell and the banks and credit card companies are not suffering any appreciable losses due to hacking.

    THINK AGAIN! These kinds of clauses have appeared in many banks' and credit card companies Terms and Conditions. It is only a

    matter of time before they start to enforce them to make you liable instead of them.


    So if you are still using your BIRTHDAY as a PIN and/or you are still keeping your PIN with (or worse... written on) your credit

    card/debit card or bank card....STOP IT NOW.



    Tip of the Week:

    It is a good idea to take advantage of "multi-factor" authentication whenever a vendor (especially banking and e-commerce websites)

    makes the option available to you. The most common example is a bank who lets you confirm any transaction made on their website

    by also sending a text to your cell phone with a temporary code that you have to enter into the bank's website to provide an additional

    verification that it is indeed you who is making the transaction.


    Tip of the Week:

    Forget all the advice about "make your passwords 8 to 12 characters long, use uppercase and lowercase characters, use at least one

    number and one symbol".  Security professionals have tools that can crack these passwords in less than 15 minutes (and usually

    less!) and so do the bad guys!

    Here is our advice:

  1. Use a different password for every application and/or web site. Yes this is one big pain...but most people use one or two passwords for everything. The bad guys know this. If they can get their hands on your email password then they will probably  now have the password for your banking site(s).
  2. Use the maximum length password supported. Eight characters just doesn't make the grade!
  3. Use nonsense phrases and words. They make it easier to remember in general and easier to remember while you are typing it in. Here is an example:


   You have now created a 34 character password with uppercase and lowercase character, and a number. The phrase is not seen in

     any book, and the phrase contains nonsense words that will not be found in any dictionary.