[zackmorris]

I wonder if her or her husband ever accessed any of their accounts using their cell phones. I've seen tons of stories lately about Samsung Galaxy phones being compromised so at this point I just assume that if top of the line phones are pwned, then all cell phones are.

I'm kind of shocked that there have been no class action lawsuits on phone manufacturers. Especially from banks.. just imagine the liability of millions of customers getting keylogged no matter what the bank uses to secure its site (even two factor authentication). It's almost unfathomable.

Someone really should make a one time pad login that doesn't work a second time even if you look over the user's shoulder. For example their password could be their favorite song and the site would ask them to enter the 2nd, 3rd and 4th letters of the 5th, 6th and 7th word respectively or something. Or how about a custom grid of letters printed on the back of the phone they’d look up positions on so it would have to at least be in someone's physical possession. Or how about a dongle in the headphone jack that's hardcoded and can't be hacked, that the user would type rolling codes through. There has to be a better way of doing this!