Be Excellent To Each Other

Hi!

make sure you remember each combination by writing then on a piece of paper that you keep next to the computer.

And in case your not near your computer take a photo of it and put it somewhere safe like on instagram , you can make the paper look olde-timey so people wont think its your passwords

Payment Institutions and merchants can display the card numbers they handle showing first six and last four digits and remain PCI-DSS compliant.

http://en.wikipedia.org/wiki/Payment_Ca ... y_Standard

The first six digits of the card number (known as Primary Account Number (PAN) in the industry) is the Bank Identification Number (BIN). BINs are assigned by each payment system, such as Visa, MasterCard et al, to their clients such as issuing and acquiring banks. Cards are issued using the same BIN for different reasons, the primary one being card product such as, for example, all Visa Corporate Credit Cards produced by Madeup Bank plc are issued under 456789. All this is essential for payment clearing and settlement purposes.

http://en.wikipedia.org/wiki/Bank_Identification_Number

Reports are that Amazon have closed their loophole and now will request more information if you try to add a credit card and as a temporary measure Apple have stopped doing password resets over the phone

http://www.wired.com/gadgetlab/2012/08/ ... rd-freeze/

heh.

At present, I have three credit cards and two debit cards in my wallet.

I can't remember which one I may have bought something with, so having the last four digits is handy.

When Subway introduced contactless payments into the one local to my office, I started using that. Contactless payments don't produce a card receipt for the customer, just the merchant, but they didn't know this and kept giving me their copy of it.

Were I so inclined, could I have rang the bank and said those charges were fraudulent and Subway wouldn't have been able to prove otherwise?

I'm surprised that makes a difference. Surely you get a receipt because you've used a card to pay for something, I don't understand why the exact method the system uses to get your card details (sticking card in slot vs swiping card through slot vs contact-less magic) should have any effect on that. All you're changing is the interface, not the action, and thus nothing downstream of the connection between the two actors should change surely?

I think it's for convenience rather than anything else. It sort of defeats the point of being quick if you have to wait for a receipt.

I don't understand this. Do you pick a card out of your wallet at random?

Presumably thought you'll still get a receipt for the item you've actually bought (just not the card transaction itself) so you'd still be waiting for a print out regardless.

They are optional.

http://www.contactless.info/stebystepgu ... econtent=5

Not at random, but I do use different cards for different things and it's not always easy to remember.

Some things are obvious (to me) - I always use my Tesco credit card to pay for petrol for example, as I get clubcard points for it and combined with the Shell V-Power card or the Morrisons Miles card I get double benefits

The balances for each are often up and down and I keep track of them quite regularly so I tend to use whichever card has the lowest balance, but that's not always easy to remember a week or so later.

Not at Subway, not much point in a receipt at Subway really unless you're claiming expenses.

If you're not happy with the sandwich, in which case it's pretty obvious that it's from Subway, and it's not like you can take it back a few days later

It's all pretty simple for me. Two debit cards. Neither of them have fuck all on them.

o/

I have two debit cards (current and joint current accounts), one credit card for everyday online purchases and another for major purchases/emergencies.

Amazing scenes.

Superb.

\o

Perkies' dedication to cracking a funny is unrivalled.

I have 1 debit card and 3 credit cards. (well 4 technically)

1 dual account from lloyds that has an amex and a mastercard attached to it. I never use this but i've had it for 18 years so it has a ludicrously high credit limit, I keep it because you never know...
1 Santander card that pays 3% cashback on fuel and 1% cashback on supermarkets, so I use it purely for those.
1 Capital One card that gives me cashback on everything, starting at 0.5% and going up to 1.5% depending on how much I spend on it per year, I use that for everything else.

I just had to reset my 123-reg password. The details I had to give to reset were criminally easy to get (email,name,phone number, address -- aren't these in the whois registry?!) and worse of all I could choose to send the reset email to _any_ email address?!

edit: Thinking about it, 123 reg is one of those sites that enforces that your password must be 8 letters and contain this and that. Which is why I can never remember the password for that site. My 18+ character passphrases which I can easily remember? INSECURE. (according to 123 reg)

Yeah, that's not great. Did you have to confirm your 123-reg username, though? That wouldn't be easily got hold of, I wouldn't have thought.

username OR one of the domains I hold!

QUIZ TIME: I'll let you guess what my username is. Hint: if you know my email address you know it. (Probably a mistake on my part)

The worst thing about 123-reg is that your password can't be more than eight letters.

Not great at all. When I worked for them we were a lot more careful, only sending to a 3rd party email address if they could confirm last 4 digits of card plus some random activity on the account. If they couldn't, we insisted on a scan of ID.

Might be worth emailing them with your concerns.

Grim...: you say that, but mine is 11. We've done this before, though.

Aye. I took a screenshot, I think, so God knows what's different between your account and mine.

Aha!
viewtopic.php?p=659440#p659440
Maybe I don't pay them enough money

It can't be that I used to be staff either, as my password was different (ie shorter) when I worked for them.

CORRECTION: The whois details for my domain all just point to 123 reg. So some of the details are SAFE, unless you happen to know where I live via one of the other thousands of ways of getting that. (like was done in the article). But that tells a haxor what domains I have under my 123reg account, so they don't need my username.

INTERESTING: Upon trying to reset I'm offered to _add_ a security question to my account! So now a potential hacker has wrapped my account up in needless questions to make it even harder for me to recover in the event of a hack.

These are the standard "actually another password that's even harder to remember than the first, because who really remembers what answer you gave for the question 'who was your favourite teacher' 2 years ago?!"

They probably just got shitter. I edited my post before you first replied to this:

edit: Thinking about it, 123 reg is one of those sites that enforces that your password must be 8 letters and contain this and that. Which is why I can never remember the password for that site. My 18+ character passphrases which I can easily remember? INSECURE. (according to 123 reg)


So I'm agreeing with Grim that 8 characters is STUPID. I have lots of passwords, but none of them are 8 letters. (7, 9, 14 etc). Well, I have some 8 letter ones, but they contain things like ^ and so on that sites like 123 reg usually cry about.

I've been with them since 2002, and they've always done it.

I worked there between 2004-2006 and we never once had anyone complain about it.

PS GRIM:

viewtopic.php?p=667130#p667130



Break into my 123-reg account!

IN YOUR FACE.

As long as they have your address and phone number, of course.

Fuck me though, think how many people have those details.