Comments on: Follow-Up to Is Mint.com Safe http://www.jasonowens.com/follow-up-to-is-mint-com-safe/ Learn. Teach. Grow. Sun, 15 Jan 2012 22:45:24 +0000 hourly 1 By: Esshttp://www.jasonowens.com/follow-up-to-is-mint-com-safe/comment-page-1/#comment-880 Ess Thu, 30 Dec 2010 15:40:46 +0000 http://www.jasonowens.com/?p=609#comment-880 I found your discussion of Mint.com to be very illuminating. I had started an account but was concerned about having all of my financial data in one place. After reading your analysis, I agree that Mint.com falls short of the mark, since fairly simple measures like an automatic lock-out after a certain number of failed attempts, and challenge questions before allowing a new password, are missing from their site. However, I am still looking for some sort of budgeting software to help me keep things on track, as Excel spreadsheets just don't quite cut it. I was wondering if you'd ever considered looking at Thrive (https://www.justthrive.com), a site that is a lot like Mint.com but does have a challenge question for password reset and automatic lock-out after too many failed attempts. I would love to know your take on it (especially before I give them my financial info!). Thank you for making internet security comprehensible! I found your discussion of Mint.com to be very illuminating. I had started an account but was concerned about having all of my financial data in one place. After reading your analysis, I agree that Mint.com falls short of the mark, since fairly simple measures like an automatic lock-out after a certain number of failed attempts, and challenge questions before allowing a new password, are missing from their site.

However, I am still looking for some sort of budgeting software to help me keep things on track, as Excel spreadsheets just don’t quite cut it. I was wondering if you’d ever considered looking at Thrive (https://www.justthrive.com), a site that is a lot like Mint.com but does have a challenge question for password reset and automatic lock-out after too many failed attempts. I would love to know your take on it (especially before I give them my financial info!). Thank you for making internet security comprehensible!

]]> By: Cymenhttp://www.jasonowens.com/follow-up-to-is-mint-com-safe/comment-page-1/#comment-37 Cymen Fri, 26 Mar 2010 19:25:38 +0000 http://www.jasonowens.com/?p=609#comment-37 It boggles the mind that someone would call you out on providing free analysis of a service in which security is essential. The account information and aggregation of transactions is enough to provide quite a bit of financial and potentially credit-record damage to the account holder if misused. On a slightly different topic, have you taken a look at PayPal's use of the Versign "credit card" RSA tokens? I was curious enough to pay the $5 to receive the card. It is an interesting device but PayPal does allow bypassing the use of it even when it is tied to an account. So I wonder if the security offered by the device is mostly circumvented in order to maintain convenient access to the account. It boggles the mind that someone would call you out on providing free analysis of a service in which security is essential. The account information and aggregation of transactions is enough to provide quite a bit of financial and potentially credit-record damage to the account holder if misused.

On a slightly different topic, have you taken a look at PayPal’s use of the Versign “credit card” RSA tokens? I was curious enough to pay the $5 to receive the card. It is an interesting device but PayPal does allow bypassing the use of it even when it is tied to an account. So I wonder if the security offered by the device is mostly circumvented in order to maintain convenient access to the account.

]]> By: Mint.com in 2010 – Is it Safe? | Jason Owens | Certified Security and Management skills with a background in leadership, integration, consulting, client management, and more...http://www.jasonowens.com/follow-up-to-is-mint-com-safe/comment-page-1/#comment-26 Mint.com in 2010 – Is it Safe? | Jason Owens | Certified Security and Management skills with a background in leadership, integration, consulting, client management, and more... Fri, 19 Mar 2010 15:23:34 +0000 http://www.jasonowens.com/?p=609#comment-26 [...] When you’re done reading this article, please check out the follow-up posting for additional [...] [...] When you’re done reading this article, please check out the follow-up posting for additional [...]

]]>