Comments on: Wall Street Journal questions TreasuryDirect security http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/ Fri, 29 Aug 2008 20:33:22 +0000 http://wordpress.org/?v=2.0.4 by: TreasuryDirect enhances security features: US Savings Bonds http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-705 Fri, 11 Aug 2006 16:36:31 +0000 http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-705 There's a follow-up to this article today at <a href="http://www.savings-bond-advisor.com/treasurydirect-enhances-security-features/" rel="nofollow">TreasuryDirect enhances security features</a> There's a follow-up to this article today at TreasuryDirect enhances security features

]]> by: Paul http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-566 Sat, 22 Jul 2006 17:33:12 +0000 http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-566 If you select a beneficiary when you buy a bond at TD, there's a field for that person's social security number. Is that required? It's bad enough to put myself at risk for identity theft. I don't want to put my family also at risk. If you select a beneficiary when you buy a bond at TD, there's a field for that person's social security number. Is that required? It's bad enough to put myself at risk for identity theft. I don't want to put my family also at risk.

]]> by: Shorty http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-541 Wed, 19 Jul 2006 17:16:44 +0000 http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-541 I don't know about they idea to ban "dummy" email accounts. For many people, a free web-based account is the only email account they have. Myself, I have one "real" email account that I only give to personal friends. All online merchants and banks are given unique email accounts that are used only for communication with that merchant or bank. This way, if any single email account is compromised, there is no effect on any of my other business. I don't know about they idea to ban "dummy" email accounts. For many people, a free web-based account is the only email account they have.

Myself, I have one "real" email account that I only give to personal friends. All online merchants and banks are given unique email accounts that are used only for communication with that merchant or bank.

This way, if any single email account is compromised, there is no effect on any of my other business.

]]> by: Dan http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-534 Fri, 14 Jul 2006 17:47:11 +0000 http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-534 Charles, By "dummy" e-mail, I assume you mean free, web-based e-mail, right? I'm not sure I agree with this suggestion. My free Hotmail account is the only one I've had uninterrupted for the last decade. I use it for any recipients outside of people I know personally, and try my best to only use my work e-mail for work purposes. I would bet that a very significant number (if not a majority) of Internet users use their free, web-based e-mail address almost exclusively. Charles,

By "dummy" e-mail, I assume you mean free, web-based e-mail, right?

I'm not sure I agree with this suggestion. My free Hotmail account is the only one I've had uninterrupted for the last decade. I use it for any recipients outside of people I know personally, and try my best to only use my work e-mail for work purposes. I would bet that a very significant number (if not a majority) of Internet users use their free, web-based e-mail address almost exclusively.

]]> by: bj http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-531 Wed, 12 Jul 2006 22:42:08 +0000 http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-531 One thing they did right is to ask a security question before allowing to view/change your info. Since you rarely need to change this, there is little chance that a keylogger will capture it. BTW, use another (different) password as the answer to the question. One thing they did right is to ask a security question before allowing to view/change your info. Since you rarely need to change this, there is little chance that a keylogger will capture it. BTW, use another (different) password as the answer to the question.

]]> by: Charles http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-530 Wed, 12 Jul 2006 20:37:45 +0000 http://www.savings-bond-advisor.com/wall-street-journal-questions-treasurydirect-security/#comment-530 Personally, I feel like I have more security with my Yahoo account than TD Electronic. I signed up for the electronic account some time ago and never used it for all of the above reasons. To add to the discussion, they should: - Allow a longer stronger user password. - Not allow the use of dummy email addresses like Yahoo, Hotmail etc. - Get rid of overly simplistic security questions anyone can know the answer to like "what's your mothers maiden name" etc. -Provide users an "option" to permanently NOT ALLOW transfers to any bank except the original account without signed, bank notarized, ID proven written consent. Personally, I feel like I have more security with my Yahoo account than TD Electronic.

I signed up for the electronic account some time ago and never used it for all of the above reasons.

To add to the discussion, they should:

- Allow a longer stronger user password.

- Not allow the use of dummy email addresses like Yahoo, Hotmail etc.

- Get rid of overly simplistic security questions anyone can know the answer to like "what's your mothers maiden name" etc.

-Provide users an "option" to permanently NOT ALLOW transfers to any bank except the original account without signed, bank notarized, ID proven written consent.

]]>