I travel the world, especially Asia.
I can tell you that by and large, computer security in Asia is better for the average user than in the United States.
You know your 4-digit ATM PIN number? That would not be legal in most of Asia. It has to be 6 digits. Door locks, safes, ATM PINs and credit card PINs must be at least 6 digits.
Global Banks often will issue a “security device” which is a thin plastic card with an LCD display and a membrane keypad. You need this to log in.
When you log into a global bank you enter your user name, and then your password. Then, you take the security device and punch in your PIN on this. It then displays a 6-digit code that you add to a third field on the log in screen.
This means you need to know a secret (the password and the security device PIN) and must possess the device as well.
Amazon AWS offers a similar security device (which we use and recommend.)
Yes, it is a hassle to have to carry the security device around. But what it means is that your online accounts cannot be hacked via their password.
The one thing I wish was that all of my online accounts could use the same security device. Then, I would only have to carry one of them around. (I now have a keychain with a dozen of them.)
Really, if we all could carry around just one single security device that would be accepted by any online account it would put an end to fraud and password hacking. This same device could even be used for ATMs and credit cards. It would be great!
Surely we can establish a national PGP standard for these security devices and then widely adopt it on all websites. Fraud be gone!