Staying logged into bank a bad idea?

[=MGN=RedEagle]

Hi guys,

Why is staying logged into bank sites and other sites a bad idea? Technologically speaking how do people need to be near your wifi location to hack you when you do this?

 

[SneakyDave]

The banks I use give about a 5 minute period of inactivity before logging you out, so hopefully you have that to fall back on

 

[=MGN=RedEagle]

Just wondering about the security issue behind it... do people need to be near to exploit the vulnerability?

 

[Teapot]

Just wondering about the security issue behind it... do people need to be near to exploit the vulnerability?

Proximity is irrelevant here - if they're on the same network as you (and your privacy/sharing settings aren't up to scratch), there's potential for a security risk. Don't take this out of context, though - with proper diligence (i.e. logging out when you're done), you should be okay.

 

[=MGN=RedEagle]

Proximity is irrelevant here - if they're on the same network as you (and your privacy/sharing settings aren't up to scratch), there's potential for a security risk. Don't take this out of context, though - with proper diligence (i.e. logging out when you're done), you should be okay.

Thanks, I am trying to discover the risks of staying logged into websites to help me develop some better security.

 

[Carlos]

Why is staying logged into bank sites and other sites a bad idea? Technologically speaking how do people need to be near your wifi location to hack you when you do this?

WiFi isn't a secure technology, yet. You log in with WiFi, and you are in the midst of a hacker, your info can easily be stolen, or the hacker can easily do something malicious. No one smart is stupid enough to log in while at a WiFi hotspot. And if you stay online at that bank site long enough, it makes the hacker's job much easier. Because you're logged in, he can easily do malicious actions without having to log into your account. And leave no trace that HE hacked it. You can be blamed for doing the action yourself because you left it logged in.

However, if you have a router (that has WiFi) at home, and you locked down the entire router, so that no one outside of your network can use it, you can log into any website and not worry about having to log out.

 

[=MGN=RedEagle]

WiFi isn't a secure technology, yet. You log in with WiFi, and you are in the midst of a hacker, your info can easily be stolen, or the hacker can easily do something malicious. No one smart is stupid enough to log in while at a WiFi hotspot. And if you stay online at that bank site long enough, it makes the hacker's job much easier. Because you're logged in, he can easily do malicious actions without having to log into your account. And leave no trace that HE hacked it. You can be blamed for doing the action yourself because you left it logged in.

Ya, I never use wifi. I have a lot of stuff I log into each day and I want to know if staying logged in is a bad idea even if I am at home and I use a wired connection.

 

[Carlos]

Ya, I never use wifi. I have a lot of stuff I log into each day and I want to know if staying logged in is a bad idea even if I am at home and I use a wired connection.

In that case, lock down the router to just you and whoever asks for your passphrase (hopefully people you trust). I had a case where a "bystander" was trying to use my router's WiFi network, and I noticed my computer running slow. Lo and behold: He's right outside, trying to gain entry into my network and then maybe into my computer. I bought a new router right away, and secured my network.