Log In
Register
Home
Topic RSS
Facebook
Twitter
Email this5:49 pm
October 27, 2018
Offline
A couple of weeks ago I was ranting about CRA's MyAccount and sign-in partner.
https://www.highinterestsavings.ca/forum/general-financial-discussion/cra-myaccount-security/
Now this breach occurred. However, the more that I read about it, the more that I believe that CRA could have had adequate security but for whatever reason did not. i.e. 2-step verification, Recaptcha option (for preventing 'bots).
In practice, every website that you have an account with has your particular password recorded (this is logical otherwise you couldn't access the website). When (not if) the entity is breached, the criminals stole your userid (which many times is your email address) and, you have to assume, your password. This is why when the breach is reported, the customer is always asked to change his/her password asap.
Folks, you have to assume that every password you have with account with an entity will one day be stolen. With that in mind, create a different password for each application.
I know that they say to change your passwords every 90 days. How about change your passwords every time that a "breach" is reported (this is probably about the same frequency).
I am not a security expert, I am an accountant who has taken auditing courses over 30 years ago. I know an internal control "weakness" when I see it. I am surprised that these IT professionals could not see it.
6:15 am
May 20, 2016
Offline
The CRA "My Account" is still not working as of now. The government IT service is terrible!
I logged into my account using "CRA Login" after clicking "each image containing a truck" (CRA added this security measure) and answering a security question. But, when I clicked "Next" to get into my account details, there was an error message.
7:03 am
March 30, 2017
Offline
Patch002 said
A couple of weeks ago I was ranting about CRA's MyAccount and sign-in partner.https://www.highinterestsavings.ca/forum/general-financial-discussion/cra-myaccount-security/
Now this breach occurred. However, the more that I read about it, the more that I believe that CRA could have had adequate security but for whatever reason did not. i.e. 2-step verification, Recaptcha option (for preventing 'bots).
In practice, every website that you have an account with has your particular password recorded (this is logical otherwise you couldn't access the website). When (not if) the entity is breached, the criminals stole your userid (which many times is your email address) and, you have to assume, your password. This is why when the breach is reported, the customer is always asked to change his/her password asap.
Folks, you have to assume that every password you have with account with an entity will one day be stolen. With that in mind, create a different password for each application.
I know that they say to change your passwords every 90 days. How about change your passwords every time that a "breach" is reported (this is probably about the same frequency).
I am not a security expert, I am an accountant who has taken auditing courses over 30 years ago. I know an internal control "weakness" when I see it. I am surprised that these IT professionals could not see it.
I second all website that contains financial info etc should have 2-step verification in place, that should be a requirement.
9:54 am
January 12, 2019
Offline
Dean said
.
UPDATE ... The CRA expects their site to be available again by 'Wednesday'.Source ➡ https://www.bnnbloomberg.ca/cra-expects-online-services-back-wednesday-following-breaches-1.1480865
Dean
Well here we are at 'Wednesday' ... and it's Still not available ❗ 
- Dean
" Live Long, Healthy ... And Prosper! "
10:08 am
October 27, 2013
Offline
Would rather it take CRA all week to do it right than to rush it.
10:20 am
January 12, 2019
Offline
AltaRed said
Would rather it take CRA all week to do it right than to rush it.
I wouldn't worry ... unless they're owed money, the CRA are Masters at moving slowly.
Who knows ... maybe they meant 'Next' Wednesday ... LOL 
- Dean
" Live Long, Healthy ... And Prosper! "
10:22 am
October 27, 2013
Offline
AFAIK, there are no income tax related payments due to CRA until end of September.
10:32 am
February 27, 2018
Offline
I just received my tax installment bill for sept 15th and dec 15th.
To all the freeloaders riding ON the wagon, you're welcome.
11:00 am
May 24, 2016
Offline
Don’t feel bad, Kidd, many, many people probably wish they were earning enough to have to pay that amount of taxes. A friend of mine complains that she earns too much to take advantage of OAS. You may have a good idea of what I say to her.
12:04 pm
September 11, 2013
Offline
Not sure why CRA current bills are showing instalments due Sept 15 when no tax payments are due until Sept 30.
1:06 pm
October 21, 2018
Offline
"To all the freeloaders riding ON the wagon, you're welcome."
Saying "your welcome" implies that they thanked you for your payment KIDD. Unfortunately it's exactly the opposite. Instead of being thankful for the generous government benefits that you and I pay for, they resent us because we were successful and they were not. BTW, I've got you beat as I will be paying $17,506 at the end of September. That's a total of April's payment on filing and 3 installment payments for me and my wife that I've held off on and my installments are a lot more than yours.
Classic example is my wife's sister. She pays no income tax at all, and gets the GIS, the Ontario Trillium Benefit and the HST refund, but complains that the government doesn't do anything for seniors. She has no idea how much she is benefiting and she was a teacher for 30 years.
1:29 pm
October 27, 2013
Offline
Bill said
Not sure why CRA current bills are showing instalments due Sept 15 when no tax payments are due until Sept 30.
The installment letter in the Default option starts off with saying payment for June 15th and Sept 15th is not due until Sept 30th. Installment dates are fixed but payment dates have been deferred. What is not clear about that?
1:33 pm
October 17, 2018
Offline
pwm said
"To all the freeloaders riding ON the wagon, you're welcome."Saying "your welcome" implies that they thanked you for your payment KIDD. Unfortunately it's exactly the opposite. Instead of being thankful for the generous government benefits that you and I pay for, they resent us because we were successful and they were not. BTW, I've got you beat as I will be paying $17,506 at the end of September. That's a total of April's payment on filing and 3 installment payments for me and my wife that I've held off on and my installments are a lot more than yours.
Classic example is my wife's sister. She pays no income tax at all, and gets the GIS, the Ontario Trillium Benefit and the HST refund, but complains that the government doesn't do anything for seniors. She has no idea how much she is benefiting and she was a teacher for 30 years.
Teacher for 30 years with no pension ? What's her secret ?
1:35 pm
May 24, 2016
Offline
pmw - doesn’t your sister-in-law receive a pension from her teaching job? How is she able to get all the benefits you listed? Even so, personally, I’d rather not qualify for them, preferring to earn enough to stand on my own two feet.
1:52 pm
October 21, 2018
Offline
Teacher for 30 years with no pension ?
Unscrupulous investment advisors from CI convinced her to take the commuted value of her pension and invest it with them. Also they sold her an unreasonable amount of inappropriate life insurance. That's the answer in a nutshell.
2:34 pm
January 12, 2019
Offline
AltaRed said
Would rather it take CRA all week to do it right than to rush it.
Dean said
I wouldn't worry ... unless they're owed money, the CRA are Masters at moving slowly.
Who knows ... maybe they meant 'Next' Wednesday ... LOL
Dean
And here's a Very Good example of just how 'Slow' the CRA can be ... and one of the Main reasons they're 'In The Fix', they're in today . . .
Today's CTV News article ➡ https://www.ctvnews.ca/canada/cra-cyberattack-victims-say-they-notified-agency-about-hack-long-before-breaches-confirmed-1.5070362
.
- Dean
" Live Long, Healthy ... And Prosper! "
4:28 pm
November 8, 2018
Offline
pwm said
"To all the freeloaders riding ON the wagon, you're welcome."Saying "your welcome" implies that they thanked you for your payment KIDD. Unfortunately it's exactly the opposite.
Not everyone like that. I was writing thank you to Kidd, because it is people like him who will be paying my OAS, and my GIS, and OHIP, etc., etc. when I hit the certain age - but decided against posting it, because it could be considered sarcastic instead of sincere.
By the way, checking my tax return from the last year I was employed full time, it says "Total income tax deducted: $55,248.06"
I think that would be enough for two seniors collecting OAS+GIS in that year. Whoever you were, you are welcome.
4:42 pm
March 15, 2019
Offline
CRA accounts are back online and now you must do a 3 page captcha before you get logged in.
5:34 pm
October 29, 2017
Offline
krwilson said
CRA accounts are back online and now you must do a 3 page captcha before you get logged in.
Not sure what you mean. I used Login-Partner and it’s the same as always. I guess if you login through CRA, you need to fully verify yourself before they accept that it’s really you.
5:57 pm
January 12, 2019
Offline
krwilson said
CRA accounts are back online and now you must do a 3 page captcha before you get logged in.
Yes, they announced that ⬆ earlier (https://www.ctvnews.ca/politics/cra-online-services-working-again-after-attacks-shut-them-down-for-days-1.5071304).
But you Still can't access your CRA ''My Account', via your 'My Service Canada Account'.
Who knows ... maybe they'll have that fixed by next Tuesday 
-
Dean
" Live Long, Healthy ... And Prosper! "
Please write your comments in the forum.