I've gone through a bunch of crap recently with Bank of America. Apparently they are yet another in the line of dupes who have been namejacked. I hereby invent the meme, namejack, btw. 'Identity Theft' is so legalese. And so, about a month ago I discover that all of my cards have been locked and I suddenly was trasported back to 1982 when there were no ATMs and on Friday you had to get to the bank with your checkbook in hand so that you'd have enough cash to get through the weekend. The problem was that nobody told me about it until I was running late for work one day trying to get my car out of the shop.
The guy runs my ATM and it rejects. What? Admittedly 900 bucks isn't peanuts, but I had more than double that when I checked the account by phone just before the Spousal Unit dropped me off. I can't explain it, I don't know what's going on, I'm just standing there like a putz in front of the guy with greasy hands. And quite frankly, let me tell you something, I'd trade places with homeboy in a heartbeat. Think about it, he's got a parking lot full of Benzs and BMWs right on Pacific Coast Highway in Manhattan Beach. He doesn't work weekends, and it took him a day to turn around my 900 dollar job, netting him some 400 odd in labor. It's like being a ski instructor in Vail. Anyway, I decide to use the company expense card which has no ceiling, and then I get by butt chewed out for that one month later.
Bank of America was at least being proactive, the problem was that they got to the Spousal Unit before they got to me. Now we're enrolled in some scam that cost us 200 bucks. She, like millions of others, forgot to opt out. So I had to spend an hour on the phone getting my online banking running again. So today they hit me again, proactively, and force me to change my password.
I did so, using one generated by Schneier's PasswordSafe, which is one of the best pieces of software on Windows. Just to make sure, I thought of a cool idea. I wobbled over to another machine (thinking about caches here) and entered the password into Google Search. I figure if Google never heard of it, I'm probably pretty safe, considering that every published password cracklist is on the web, and Google has likely seen it.
You may remember the old George Carlin joke. He said, "I'm going to say a combination of words that you've never, ever heard before. Listen. You've never heard anybody say this: I'm going to take this red hot iron poker and stick it up my ass." It's true of course. Before that moment at the comedy club, I'd never heard anyone say that. But it's a good way to remember that if you're going to use non-generated passwords, you should at least Googlewhack it to be on the safe side. BUT. Don't do it on a machine that you own, or at least wipe the local cache on your browser.
Then again, if you're a glutton for punishment and want to get namejacked, go ahead and stick that hot iron poker of a stupid password.. Nobody is safe.
Recent Comments