[AI] security tips for net banking

Chaodhari, Sanjeev IN BOM SISL Sanjeev.Chaodhari at siemens.com
Mon Jan 14 06:20:45 EST 2008


Hi Hitendra  
Hope this will help
1 Enforce a good password policy.
 a good password is 
A) Should meet minimum length specified by your bank, whenever you sign
up/register for any service before the password edit box they specify
minimum length. E.g. at least 8 character in windows.
B) Should consist of alphanumeric and spatial characters, and should
have at least one upper character in case all other letters are lower
case or otherwise.
C) Do not use any word found in dictionary not only in English but also
others means all. Tip deliberately misspelling one or more words can
make your password harder to crack.
D) Should be easy to remember but difficult to guest, do not use
birthday or name of your near and dear ones or anything which can be
abstracted from your public record, background, casual talk with you or
with your near and dear one.
E) Easy in terms of typing so that you can type fast, this minimizes
chance of shoulder surfing.
2 maintain your password 
Maintaining your password means keeping it confidential.
A)	Do not disclose your password to anybody. In any circumstances.
Even if you are stuck somewhere and some person/computer program is
claiming to solve your problem.
B)	Change your password after every 30 day if it is used for to
sensitive cause or 90 days, or whenever you suspect to be leak to
anybody, thru human/computer.
C)	Avoid storing your password anywhere except your mind, however
if such need arises avoid storing your password on computer, if it is
save on computer make shore this password is protected by password. If
is store on hard copy make shore it should be in lock which is
accessible to only to you. E.g. do not put your password under the
keyboard or any such kind of place.
D)	Avoid typing password in front of anybody. To minimize chance of
shoulder surfing.
E)	Whenever you login by providing your username and password you
should logout from there by clicking on logout link instead of closing
the browser or pc.
F)	Do not use windows can remember your password feature or any
such feature.
G)	Do not login from cyber pc or public pc. Such pc's are infected
by some virous/verm/(software/hardware) keylogger/trogen/spyware.
H)	Do not click on link contained in email and login. Instead of
open the browser manually and type the known address in the address bar.
3 secure your pc
A) Save your pc from virous/verms/keylogger/spyware/adware/rootkit. Use
good aunty virous/verms/keylogger/spyware/adware/rootkit
B) Download software from authorized site.
c) Do not open attachment from unknown source.
D) Do not allow to run active script from your browser.
E) Do not visit unwanted site such as porno site 
F) Inspect your computer for hardware keylogger. A hardware keylogger is
generally plug in between a computer keyboard and a computer. Some
keyboards are itself keyloggers.

Note - this measure will only minimize risk of attacking your account.
Nothing can make anybody's account completely secure, of course! Except
do not take facility of net banking. 
Happy net banking from sanjeev.

Thanks,
When you don't have any choice, you have a choice to work hard.
Sanjeev
Email: Sanjeev.chaodhari at siemens.com
 Or daarshnicsanjeev at hotmail.com
Space: http://daarshnicsanjeev/spaces/live.com
 Call: +919820637390
Direct office: 
 

-----Original Message-----
From: accessindia-bounces at accessindia.org.in
[mailto:accessindia-bounces at accessindia.org.in] On Behalf Of hitendra
Sent: Monday, January 14, 2008 2:45 PM
To: accessindia at accessindia.org.in
Subject: [AI] security tips for net banking

Hello list members,
I have got net banking service on my saving a/c. I request you all
please let me know the security measures which I have to follow to avoid
any fraudulence in operating my a/c.
Thanks
Hitendra Rupani
To unsubscribe send a message to accessindia-request at accessindia.org.in
with the subject unsubscribe.

To change your subscription to digest mode or make any other changes,
please visit the list home page at
 
http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.i
n


 
 
Important notice:This e-mail and any attachment thereto contains corporate proprietary information. If you have received it by mistake, please notify us immediately by reply e-mail and delete this e-mail and its attachments from your system. Thank You.




More information about the AccessIndia mailing list