[RPMick]

[ QUOTE ]
For example if I have played on PS from Sweden all the time, would someone from China be able to log on and play on my account. If yes, why?

[/ QUOTE ]

Because people like me, play from Japan where they live. Return to the states for business and vacation, go off to other parts of the world on business, and play poker online the whole way.

It's not often easy to just pick up a phone and verify my identity every time I land in another country.

PW management is key. Whoever hit on it with the sarcasm is very much correct. As long as sites have processes in place to identify x number of unsuccessful login attempts, a strong password should be all you need.(BTW, sites that limit special character usage in PW's are ridiculous)

The hypothetical, got your computer, got your pw, got your life thing is very unlikely. Especially for people who exert the slightest of protective measures.

My main concern is the larger target, the sites themselves. It's much easier to find and attack a site than it is an individual. Are they obligated in any way to protect your money? Are they required to notify you when your account may have been fraudulently accessed? Do they have a moral obligation to make their security efforts publicly known? Would that even be a good idea?

It's a very interesting topic and one that always catches my eye when brought up.