|
mlmp08 posted:2FA is a necessary evil, but it does get really old when a significant amount of time is spent traveling or being locked away in no-phone, no-personal electronics vaults. What kind of no electronics vault would you still be checking personal email or your bank in? I'm nervous enough about doing those on a work computer, yet alone in a closed room.
|
# ? May 6, 2021 13:17 |
|
|
# ? Jun 1, 2024 19:30 |
|
hobbez posted:drat, wow. It sucks there doesn’t really seem to be much in the way of actionable steps I can take to mitigate this. Yeah, it def is still overall of course way better than having just a password. As others have mentioned , a Yubi key or Authenticator app is more secure. To be honest, I haven’t quite made that step yet myself , although I should. I’m pretty sure 1password has an Authenticator , yet I haven’t taken time yet to review it and set it up.
|
# ? May 6, 2021 13:42 |
|
My preferred middle ground for 2FA that isn't a physical token I can lose or SMS that can be stolen is using 1Password as my app-based token. It will auto-fill your one-time password just like your regular ones that it manages, and I'm willing to pay a double digit annual fee just for that. The fact that they aren't constantly breached like LastPass is nice, too.
|
# ? May 6, 2021 13:46 |
|
I use lastpass and it works well. It gets a bad rap (likely deserved) due to recent partial breaches and also due to now being owned by a soulless corporation. Lastpass works super well across devices - and is easy to use for my non-tech savvy partner. Lastpass's biggest problem is that it is by far the most popular password manager so it makes it a worthwhile target for bad actors. I'm planning to switch to another manager once my lastpass premium subscription expires in a few months. I had to create a "lastpass only" email address to use with it because someone was trying to brute force my lastpass account when I had my public email address associated with it. For banking I have all incoming and outgoing payments go through a big bank checking account with enough money to cover 2 months of expenses. My real money is kept at brokerage with banking services (ie. fidelity or schwab) which only sends/receives money through my big bank checking account. Schwab and Fidelity both support software authenticators now. EmmaDilemma posted:Is it incredibly insecure to just remember your passwords, instead of using a fancy password manager, and if you can't remember, utilize the site's lost password feature? The problem with this is that this leads most people to use the same or similar passwords across multiple websites. All it takes is one website to store your password in plaintext or something else that isn't secure for all your other accounts to be compromised. But with that said I believe the most secure type of password are very long phrases. If you truly can remember a unique phrase with a few special characters thrown in that is 20+ characters long then that would be virtually impossible to crack and is way safer than a random string of 8 characters that can't be memorized. Also a friendly reminder to lock down your credit reports. Super easy.
|
# ? May 6, 2021 14:05 |
|
Agreed, most people use way more websites than it is realistically possible to remember truly unique passwords for. Kind of confused by that suggestion. Also, everything said in favor of LastPass so far also applies to literally every other password manager that doesn't have a target painted on its back. Syncing across devices is an absolutely baseline feature, so I'm not sure why so many people seem to be so wooed by that in their manager of choice. LastPass' UI is also the clunkiest of any paid option by far, or at least was the last time I touched it, so even the usability for the non tech savvy is questionable imo. They were the OGs, but no one starting fresh should choose them now that 1password (or Bitwarden, for tech-savvy cheapos) exists. Does freezing your credit reports actually make a practical difference in stopping identity theft for people who already have these other precautions in place? Credit Card and bank account churning is probably 5-7% of my annual gross income, and I never remember to unfreeze the loving things before applications (it's also a real PITA to do in some cases).
|
# ? May 6, 2021 14:44 |
|
Unsinkabear posted:
I've had my credit reports frozen for about 3-4 years now. They've made it really easy and free from what I've seen to unfreeze and refreeze your account as necessary for the big 3. Did it for Verizon and something else and it only took a minute, plus you could set the refreeze to start the next day or whenever you wanted. The only issue I had was with CreditKarma for my taxes, but I just ended up using another tax provider. I'm not sure how effective it is at identity theft but doing that along with annual credit reports gives me piece of mind.
|
# ? May 6, 2021 15:04 |
|
Xenoborg posted:What kind of no electronics vault would you still be checking personal email or your bank in? I'm nervous enough about doing those on a work computer, yet alone in a closed room. Well, when your options are: -Don’t touch money for a year -Touch money on shoddy wifi connected to a foreign kingdom’s security apparatus -Touch a money on US government computer I guess I’ll just touch my money while uncle sam watches.
|
# ? May 6, 2021 15:16 |
|
mlmp08 posted:Well, when your options are: Okay, so the answer is "I work for the government in a SCIF overseas" rather than being opaque with what is clearly an edge case.
|
# ? May 6, 2021 15:19 |
|
laxbro posted:
I wish it was easy... Only equifax lets me do it online. Experian and Transunion I have to mail them poo poo all the time. the worst.
|
# ? May 6, 2021 17:27 |
|
spwrozek posted:I wish it was easy... Only equifax lets me do it online. Experian and Transunion I have to mail them poo poo all the time. the worst. Really ? I’m able to do all 3 online. It isn’t one click , but not that bad to do really. And yes, to the question above, freezing a credit report is a really really good idea. See my prior post on fraud, people will steal your social , name and address and sign up for phones in your name and other crazy stuff.
|
# ? May 6, 2021 17:38 |
|
Motronic posted:Okay, so the answer is "I work for the government in a SCIF overseas" rather than being opaque with what is clearly an edge case. I dunno, accessing personal email and banking in a SCIF is pretty routine in every office I've worked in, mostly because that's where our personal desktops are. I mean don't get me wrong there are also closed areas where you would most likely get written up for doing so, but different rooms different rules.
|
# ? May 6, 2021 17:39 |
|
Duckman2008 posted:Really ? I’m able to do all 3 online. It isn’t one click , but not that bad to do really. They just don't think I am who I am I guess. E: I decided to just try again with the two annoying ones and now I can do it online. Total Mystery. Equifax's system seems best though. spwrozek fucked around with this message at 18:05 on May 6, 2021 |
# ? May 6, 2021 17:46 |
|
spwrozek posted:They just don't think I am who I am I guess. That sucks. Otherwise it takes literally less than 10 minutes to add a freeze to all three bureaus. This reminds me that I should freeze my toddler's credit.
|
# ? May 6, 2021 18:03 |
|
spwrozek posted:They just don't think I am who I am I guess. For several years I've been grabbing my free annual credit reports from the three agencies (staggered by four months). A few years ago one of them stopped letting me do it online and I had to mail in the form. Now it is at least two of them, maybe all three, make me mail in. I don't know if it is me personally that they can't verify online, or if it is their way to make free credit reports more difficult for everyone so they'll stop requesting them.
|
# ? May 6, 2021 18:19 |
|
ranbo das posted:I dunno, accessing personal email and banking in a SCIF is pretty routine in every office I've worked in, mostly because that's where our personal desktops are. "Working in a SCIF" is an edge case. This person was talking about working in a SCIF overseas, which is an edge case of an edge case that was specifically mentioned as a complicating factor in the post. So I'm not sure what you're on about.
|
# ? May 6, 2021 18:26 |
|
Motronic posted:"Working in a SCIF" is an edge case. This person was talking about working in a SCIF overseas, which is an edge case of an edge case that was specifically mentioned as a complicating factor in the post. So I'm not sure what you're on about. The way the initial response was phrased made me read it as "working in a no outside electronics vault" was the edge case and that inside of that context, even a SCIF was a further edge case. Im just trying to figure out what other industry/ business has closed areas to the point where you would hear "I can't bring outside electronics in" and need clarification. I just assumed that was a defense thing. ranbo das fucked around with this message at 18:41 on May 6, 2021 |
# ? May 6, 2021 18:35 |
|
I spent years reading Tom Clancy books as a young boy and can not remember what a SCIF is.
|
# ? May 6, 2021 18:45 |
|
Residency Evil posted:I spent years reading Tom Clancy books as a young boy and can not remember what a SCIF is. https://en.wikipedia.org/wiki/Sensitive_compartmented_information_facility I work for a financial services company, and there are certain areas we don't allow any outside electronics to be in. Internet usage is heavily monitored and regulated. I've never tried to do anything personal on my company machine or on any company network, don't really want to find out if its allowed or not. I can use my phone or cellular iPad for personal stuff if I'm in the office. I WFH though so I just have 2 computers on my desk. 1 for shitposting here, the other for work. No idea if this is true or not, but I think I read somewhere some of the top level admins for Visa pretty much work in a secure office with cameras on them at all times. A co-worker used to work for the DoD and there weren't cameras, but everything was monitored, and they had at least 2 workstations on their desk.
|
# ? May 6, 2021 18:50 |
|
skipdogg posted:
Truly the best part of WFH.
|
# ? May 6, 2021 19:34 |
|
if your scif has access to the public internet at all, it ain't much of a scif
|
# ? May 6, 2021 22:07 |
|
DELETE CASCADE posted:if your scif has access to the public internet at all, it ain't much of a scif 1. Some SCIFs have zero internet, but plenty of them have regular NIPR internet access to public sites. So not just regular public internet, but access on a separate network to boring stuff like the news, ESPN, etc. 2. Plenty of areas that do not meet or attempt proper SCIF rules still have a “no outside electronics” rule. Bog standard not-SCIF command posts and the like don’t allow outside electronics but are not SCIFs. My point wasn’t to debate SCIF setup just grumbling about routinely working in locations where password managers are extremely forbidden, 2FA is a pain in the rear end, but it’s culturally and job-wise fine to check accounts during off time because they know you have no other real time to do it, as long as you’re not trying to be a daytrader.
|
# ? May 7, 2021 04:17 |
|
Niyqor posted:Your best choice is a hardware device such as a yubikey. I looked into the yubikey and I’m totally sold. Unfortunately, many of the financial institutions I deal with don’t offer 2FA that isn’t SMS based! I feel like I’m living in the stone ages with these banks.
|
# ? May 7, 2021 04:40 |
|
Is there a popular opinion on Keypass versus Bitwarden? Kinda surprised not to see them mentioned at all
|
# ? May 7, 2021 04:54 |
|
yr new gurlfrand! posted:Is there a popular opinion on Keypass versus Bitwarden? Kinda surprised not to see them mentioned at all I use Bitwarden. Not sure which one you are surprised not to see mentioned.
|
# ? May 7, 2021 05:30 |
|
Hey, I have dumb questions that I keep confusing myself on when I look them up online and I'm hoping I can get some help (and the OP has some broken links apparently) My wife has a 401k through work. Does that mean I can't open one? Are 401ks always individual contributions or is there some sort of other limit going on since we're married? Same question about Roth IRA, is that limit per person? Or per household? Is the OP still correct that the general purpose savings plan is: 401k up to employer matching -> Roth IRA -> max 401k? My employer doesn't do 401k matching, so should I just open a Roth IRA and do that first before opening a 401k if I can?
|
# ? May 7, 2021 06:25 |
|
L0cke17 posted:My wife has a 401k through work. Does that mean I can't open one? Are 401ks always individual contributions or is there some sort of other limit going on since we're married? quote:Same question about Roth IRA, is that limit per person? Or per household? quote:Is the OP still correct that the general purpose savings plan is: quote:My employer doesn't do 401k matching, so should I just open a Roth IRA and do that first before opening a 401k if I can? moana fucked around with this message at 06:37 on May 7, 2021 |
# ? May 7, 2021 06:35 |
|
Are there any tax implications I need to work about moving money between two different mutual funds? We're considering switching from our Vanguard life strategy growth to moderate growth or a target date fund but not sure if it's as simple as selling all of one to buy the other, or if there are other things to consider on that type of move that may cost us.
PageMaster fucked around with this message at 06:44 on May 7, 2021 |
# ? May 7, 2021 06:40 |
|
PageMaster posted:Are there any tax implications I need to work about moving money between two different mutual funds? We're considering switching from our Vanguard life strategy growth to moderate growth or a target date fund but not sure if it's as simple as selling all of one to buy the other, or if there are other things to consider on that type of move that may cost us.
|
# ? May 7, 2021 06:45 |
|
moana posted:You can open a 401k if your employer has one available, your wife's 401k doesn't matter at all. They are always individual contributions since they go through your payroll. You can't open a 401k for your wife if her employer didn't have one available for her (hypothetically). Ok, so since my work doesn't offer a 401k I cant have one at all then? We're under the income limit for a Roth IRA but I don't know what the differences are. Google was somewhat unhelpful. It mostly has to do with how much money you make and when/how you pay taxes on the money as it comes out? Right now on that flowchart we are at the loop of "are you saving 15% of your pretax income for retirement" box. And the answer is "no", because we just finished paying off student loans and now are looking to make better plans. Edit: I guess I misread the flowchart, technically were on the box for "evaluate IRAs". So if I understand my situation correctly the max we can save in tax advantaged accounts is $12k (for 2x IRA or Roth IRA accounts a year) +maxing out a 401k? L0cke17 fucked around with this message at 06:55 on May 7, 2021 |
# ? May 7, 2021 06:48 |
|
L0cke17 posted:Ok, so since my work doesn't offer a 401k I cant have one at all then? quote:We're under the income limit for a Roth IRA but I don't know what the differences are. Google was somewhat unhelpful. It mostly has to do with how much money you make and when/how you pay taxes on the money as it comes out? Traditional: you get the benefit now - everything you put in is NOT TAXED NOW. Later on when you withdraw from the IRA, everything will be taxable - both your contributions and the earnings from the investments. Roth: you get the benefit later and pay taxes on the income NOW. Later on when you withdraw from the IRA, nothing will be taxed (assuming you are making qualified withdrawals). Usually if you are in a low tax bracket and expect to be in a higher tax bracket later, it makes sense to do a Roth (since you're paying taxes now at the low bracket). If you're in a super high tax bracket, a trad IRA makes more sense (since you will be paying taxes later at hopefully a lower bracket). There are a million exceptions but generally that's the advice. quote:Right now on that flowchart we are at the loop of "are you saving 15% of your pretax income for retirement" box. And the answer is "no", because we just finished paying off student loans and now are looking to make better plans.
|
# ? May 7, 2021 06:59 |
|
moana posted:What kind of account is it? If it is a taxable brokerage account, surprise surprise it's going to be taxable. I'm guessing this is in a retirement account though, like an IRA or a 401k? In that case, you can switch away without any tax impact. Not a retirement account, just a taxable brokerage account, I get the 1099 every year and pay taxes on the gains already, so I don't know if I'm taxed again by moving that money or of there are any implications by pulling any of the money out. Or if it's just lot another back account where I can put money in and out freely. PageMaster fucked around with this message at 15:34 on May 7, 2021 |
# ? May 7, 2021 15:20 |
|
I have a taxable account with the grand majority of the money I’ve saved for retirement, and it’s been fine so far. Considering that the money in it was from already-taxed money, there’s not much else I can do if I wanna use that money for retirement purposes.
|
# ? May 7, 2021 15:22 |
|
PageMaster posted:Not a retirement account, just a taxable brokerage account. I get the 1099 every year and pay taxes on the gains already, so I don't know if I'm taxed again by moving that money to another account (or pulling money out)?
|
# ? May 7, 2021 15:29 |
|
Ok, so after doing more reading it looks like we want a traditional IRA. There's approximately 2 billion places you can open an IRA account... If I just want something I dump money into and forget about for 30 years do I just pick somewhere that doesn't charge any fees and go for it? Is there any reason to pick one IRA vendor over another?
|
# ? May 7, 2021 15:38 |
|
moana posted:Usually if you are in a low tax bracket and expect to be in a higher tax bracket later, it makes sense to do a Roth (since you're paying taxes now at the low bracket). If you're in a super high tax bracket, a trad IRA makes more sense (since you will be paying taxes later at hopefully a lower bracket). Is 22% current tax bracket low or high?
|
# ? May 7, 2021 15:39 |
|
moana posted:You currently pay taxes on the dividends and on cap gain distributions, but if you sell anything you will be paying on the capital gains of what you sold, which could be a lot more. Can you navigate to an unrealized gains report and check the cost basis? Thanks, definitely more to think about than I thought at first. I can check the unrealized gains and it has it broken out into short term and term capital gains, what do those tell me? I'd it's like my old house I'm guessing don't touch the short term? I'm also assuming the difference between the gains and the total in the account is my contributions? PageMaster fucked around with this message at 17:18 on May 7, 2021 |
# ? May 7, 2021 16:50 |
|
Spook posted:Is 22% current tax bracket low or high? It’s low. But read on. This is a funny question. That simple question is attempting to determine whether you will pay more taxes in retirement than in the present. The 22% bracket CURRENTLY goes from ~40k to ~86k. Will you have taxable income of at least 40k (inflation adjusted) when you’re 65 years old? 99.995% Yes.*** So paying taxes on it now (Roth) is, at worst, breaking even assuming… Will the taxation for 40k of income be 22% when you’re 65? No one knows. Tax law changes pretty frequently. We’re at kinda historical lows right now. That said, maybe we’re in a new normal. Maybe not! Maybe the brackets will be a shitload higher 30 years from now. Maybe they’ll be lower! To deal with that uncertainty, there’s a pretty common (on these forums) approach: do Roth IRA and traditional 401k. That way you’re doing a bit of each. If your income swings EXTREMELY one way or the other, you can do more or less Roth stuff. ***by virtue of you posting in this thread, I will assume that you’ll make prudent savings decisions in the coming decades that will cause you to have sources of income (pension-likes, social security income, other investments income, side gigs, etc) that will bump your taxable income to this threshold. It is not true for all of America. DNK fucked around with this message at 17:27 on May 7, 2021 |
# ? May 7, 2021 17:22 |
|
spwrozek posted:I use Bitwarden. Not sure which one you are surprised not to see mentioned. I meant keypass. I use it and it was a bit of work to set up but I haven’t seen anyone mention it
|
# ? May 7, 2021 17:46 |
|
L0cke17 posted:Ok, so after doing more reading it looks like we want a traditional IRA. vanguard is no-fee if you get electronic statements and you have easy access to every vanguard fund if you're planning on going with a long term passive index strategy. their ui is complete rear end though, so if you're going to be doing more than continually buying into the same index funds or want a really good mobile experience you might want to look into other brokerages.
|
# ? May 7, 2021 18:28 |
|
|
# ? Jun 1, 2024 19:30 |
|
L0cke17 posted:Ok, so after doing more reading it looks like we want a traditional IRA. Reasons are roughly: fees, fund availability, UI, ability to access easily. Fidelity, Schwab, Vanguard are generally well-regarded.
|
# ? May 7, 2021 18:31 |