topic Re: Clustering in Credit Cards

Clustering

wasCB14 — Sat, 24 Dec 2016 20:59:18 GMT

I’ve previously mentioned “clustering” as a way I keep my cards organized. I’m curious as to how useful others find this.

I’d say there are a few different degrees of clustering:

1. Same issuer, same login, same rewards. If you have a CSP or CSR, having a Freedom and Unlimited can really boost the UR earning rate with no extra AFs. If you have a problem with either of the no-AF cards, you can call the Sapphire line for good customer service. It’s like the Freedom and Unlimited just become extensions of the CSP/CSR….they become one card. Lots of people like this overlap. You can add in Ink cards, too.

2. Same issuer, same login, different rewards. My Hyatt and IHG cards have different rewards programs, but I can easily view activity on them from the same Chase.com login. Other people try to get the same result with third-party personal finance software, but I like knowing I have the most up-to-date information. Similarly, if I have a problem with either, I can call the Sapphire line. I really like this efficiency, but rarely hear others praise it. This is the kind I think may be underrated.

3. Same issuer, different login, different rewards. To me, this would barely qualify as clustering. If I had 10 cards from Synchrony or Comenity with 10 different logins I’d find it very frustrating. I guess it helps to know the rules if you want to run a series of SP CLI requests. I have a Citi Brooks Brothers card, but because I can’t view it from my Citi.com login, I feel like it’s from a different lender than for my AAdvantage and Prestige.

I have 13 cards spread across 6 logins. I’ve considered cutting back, but 6 logins isn’t too complicated. All else equal, I would rather app for a new card from an existing lender than one from a totally new lender. I know some people like to diversify heavily, and are happy to accept complexity as the tradeoff.

In most of the threads where people say they want to simplify their lineup, posters have a dozen or more different logins. The discussion seems to center around the sheer number of cards a person has, though, instead of how they fit with each other.

Does “quantity” get too much attention and “complexity” too little?

Re: Clustering

Anonymous — Sat, 24 Dec 2016 21:16:35 GMT

Lots of people probably don't mind all the various logins. I only have 5 cards with 4 logins so it's pretty easy for me.

Two of my cards are with Cap1, same login but I never log in. Those 2 cards are SD'd and I have 1 bill that is set to autpoay on each of those accounts. So instead of logging in, I get my balance texted to me daily for those. If I ever get texted that my balance is over $11 on either account I know there is an issue.

Beginning in March 2017, my Sallie with be SD'd and I'll have my AT&T bill set to autopay there. I don't think there is an option to have my balance texted to me with Barclay so I'll still have to log in periodically to ensure there is no fraud.

My main drivers after I SD SallieMae will be my CSR & Blispay so I login to those 2 daily.

And then factor in my Cap1 checking (& savings) login and my separate Barclay savings login 😥

It's quite enough for me!

Re: Clustering

Anonymous — Sat, 24 Dec 2016 21:28:05 GMT

@wasCB14 wrote:
I’ve previously mentioned “clustering” as a way I keep my cards organized. I’m curious as to how useful others find this.

I’d say there are a few different degrees of clustering:

1. Same issuer, same login, same rewards. If you have a CSP or CSR, having a Freedom and Unlimited can really boost the UR earning rate with no extra AFs. If you have a problem with either of the no-AF cards, you can call the Sapphire line for good customer service. It’s like the Freedom and Unlimited just become extensions of the CSP/CSR….they become one card. Lots of people like this overlap. You can add in Ink cards, too.

2. Same issuer, same login, different rewards. My Hyatt and IHG cards have different rewards programs, but I can easily view activity on them from the same Chase.com login. Other people try to get the same result with third-party personal finance software, but I like knowing I have the most up-to-date information. Similarly, if I have a problem with either, I can call the Sapphire line. I really like this efficiency, but rarely hear others praise it. This is the kind I think may be underrated.

3. Same issuer, different login, different rewards. To me, this would barely qualify as clustering. If I had 10 cards from Synchrony or Comenity with 10 different logins I’d find it very frustrating. I guess it helps to know the rules if you want to run a series of SP CLI requests. I have a Citi Brooks Brothers card, but because I can’t view it from my Citi.com login, I feel like it’s from a different lender than for my AAdvantage and Prestige.

I have 13 cards spread across 6 logins. I’ve considered cutting back, but 6 logins isn’t too complicated. All else equal, I would rather app for a new card from an existing lender than one from a totally new lender. I know some people like to diversify heavily, and are happy to accept complexity as the tradeoff.

In most of the threads where people say they want to simplify their lineup, posters have a dozen or more different logins. The discussion seems to center around the sheer number of cards a person has, though, instead of how they fit with each other.

Does “quantity” get too much attention and “complexity” too little?

Nice analysis! And I think it addresses one big part of the "I have too many cards" But there is still some other stuff, some people get overwhelmed (or if they are on here, there SOs get overwhelmed!) by things like deciding which card to use for a transaction. So even in the best cluster case, with all UR cards, I might have to remember which categories Freedom is on this quarter, or will Ink give more rewards here than FU etc.

Re: Clustering

wasCB14 — Sun, 25 Dec 2016 03:49:16 GMT

@Anonymous wrote:
Beginning in March 2017, my Sallie with be SD'd and I'll have my AT&T bill set to autopay there. I don't think there is an option to have my balance texted to me with Barclay so I'll still have to log in periodically to ensure there is no fraud.

The closest thing Barclaycard offers is that they will tell you "you're approaching your credit limit" by text or email if you tell them to contact you when you go within within $X of your credit limit. The emails (and, I assume, the texts) don't give specific dollar amounts.

Re: Clustering

wasCB14 — Sun, 25 Dec 2016 03:58:28 GMT

@Anonymous wrote:
Nice analysis! And I think it addresses one big part of the "I have too many cards" But there is still some other stuff, some people get overwhelmed (or if they are on here, there SOs get overwhelmed!) by things like deciding which card to use for a transaction. So even in the best cluster case, with all UR cards, I might have to remember which categories Freedom is on this quarter, or will Ink give more rewards here than FU etc.

Yes, I can see how there could be confusion with Freedom's rotating categories and all the different versions of Ink. Of course, the same would be true of any collection of category cards...especially when different issuers define bonus categories differently.

Re: Clustering

Anonymous — Sun, 25 Dec 2016 04:02:20 GMT

I have 10 credit cards. I have three word documents I keep hidden on my computer and keep triplicate copies on flashdrives.

1) Websites of all issuers with handle and password.

2) Names of all issuers and how much I owe for the month.

3) Names of all issuers and when I was approved, APR%, date payments are owed and last date I received a CLI.

It seems to be a very organized system for me.

Re: Clustering

Anonymous — Sun, 25 Dec 2016 04:18:15 GMT

I have a working google doc with a table chart of all my cards listed (7):

First Column:
Creditor/Card Type/Date Opened
Statement Close Date (every ___th of the month)
Payment Due (every ___th of month)
Last Payment (helps me remember which sock drawer cards can become closed for inactivity if my last purchase is almost a year ago)
Current Balance
APR %
Credit Limit (with notes about when I should request CLI)

Second-Fourth Column: Each CRA agency
I list when those cards report (every __th of month). *TransUnion is so slow and likes to skip every other month on some cards

Re: Clustering

Anonymous — Sun, 25 Dec 2016 04:47:48 GMT

@Anonymous wrote:
I have a working google doc with a table chart of all my cards listed (7):

First Column:
Creditor/Card Type/Date Opened
Statement Close Date (every ___th of the month)
Payment Due (every ___th of month)
Last Payment (helps me remember which sock drawer cards can become closed for inactivity if my last purchase is almost a year ago)
Current Balance
APR %
Credit Limit (with notes about when I should request CLI)

Second-Fourth Column: Each CRA agency
I list when those cards report (every __th of month). *TransUnion is so slow and likes to skip every other month on some cards

This is where YMMV. For you, this makes perfect sense, to others, it is WAY TOO much work and they would want to deal with just one or two cards, autopay in full on statement date and be done!

Re: Clustering

Anonymous — Sun, 25 Dec 2016 05:19:42 GMT

I pay everything in full on the 1st except for Blispay 6 month promos. I do keep track of when my payments are due just in case an emergency happens. Then a card whose payment is not due until the 18th might not get paid on the 1st.

Re: Clustering

jonfive — Sun, 25 Dec 2016 10:24:56 GMT

@Anonymous wrote:
I have 10 credit cards. I have three word documents I keep hidden on my computer and keep triplicate copies on flashdrives.

1) Websites of all issuers with handle and password.
2) Names of all issuers and how much I owe for the month.
3) Names of all issuers and when I was approved, APR%, date payments are owed and last date I received a CLI.

It seems to be a very organized system for me.

Just looking out for you and other forum members that read this thread here; mean no offense to your methods

Please don't put usernames and passwords in one file - if someone gets ahold of it, they have it all.. If you insist on continuing using word docs, spread them out to multiple password protected docs with no identifying information as to what they are or don't put them in a word doc. For 'hidden' files; if you accessed it at all, they can find it. It may as well be on your desktop.

While you can password protect a word doc, the password can be bruteforced - there's no protection stopping someone from doing so. They'll take all the time they need to do it because there is no protection. No protection from bruteforce = unlimited time to break it. If there were simply a "24 hours before you can try again", they'll wait 24 hours and continue. Costs them nothing and you everything.

If there's any identifying information used in any of your passwords (dates, names, places, times etc), someone would have every avenue to research it through your own browser, files, social media accounts and email. Thus making the bruteforce of your passwords much faster- if not instant. Also by having access to all of this information stored on your computer they have the ability to social engineer their way into your accounts. They get to know 'you' just by how you use your computer, then use it against you by seeing the businesses that you visit online and store in local files.

I highly suggest use of a password manager like Lastpass with two step verification ENABLED to log in. If you can avoid it, do not accept text verifications. There have recently been social engineering successes where the thief called the cell carrier, pretended they were the owner, gave identifying information they found and requested a new simcard; essentially HAVING the owner's cell phone in-hand. Carriers are more aware of these practices, but it still may happen. Get a hashed number in an authenticator app if possible. Apps like Google Authenticator, are not tied to your cellular service at all.

Lastpass includes extra steps, but it's worth it for security. You can export your user/passwords from Lastpass to a .csv, put it on a flash drive ***with read/write password protection***, then DELETE the csv from your local machine and empty the bin.

As for passwords:

Examples of bad passwords:

123456

password

passw0rd

qwerty

sally1216

bob1950

Examples of good passwords: DO NOT USE ANY OF THESE! Assume someone will try these immediately since they're posted on the internet.

eG%z^SEKb2OE

PTm&0n8v#Sxx

9DYwjN*g8y!U

^Bn3lIm&d33@

&Oc9IeEbtuXi

7o@cBMm8^uuc

As you can see in the good passwords; there's no identifying information, nothing tied to you, nothing tied to your usage and no full words.

Stay safe everyone!

Re: Clustering

Revelate — Sun, 25 Dec 2016 10:31:20 GMT

@jonfive wrote:
@Anonymous wrote:
I have 10 credit cards. I have three word documents I keep hidden on my computer and keep triplicate copies on flashdrives.

1) Websites of all issuers with handle and password.
2) Names of all issuers and how much I owe for the month.
3) Names of all issuers and when I was approved, APR%, date payments are owed and last date I received a CLI.

It seems to be a very organized system for me.
Just looking out for you and other forum members that read this thread here; mean no offense to your methods

Please don't put usernames and passwords in one file - if someone gets ahold of it, they have it all.. If you insist on continuing using word docs, spread them out to multiple password protected docs with no identifying information as to what they are or don't put them in a word doc. For 'hidden' files; if you accessed it at all, they can find it. It may as well be on your desktop.

While you can password protect a word doc, the password can be bruteforced - there's no protection stopping someone from doing so. They'll take all the time they need to do it because there is no protection. No protection from bruteforce = unlimited time to break it. If there were simply a "24 hours before you can try again", they'll wait 24 hours and continue. Costs them nothing and you everything.

If there's any identifying information used in any of your passwords (dates, names, places, times etc), someone would have every avenue to research it through your own browser, files, social media accounts and email. Thus making the bruteforce of your passwords much faster- if not instant. Also by having access to all of this information stored on your computer they have the ability to social engineer their way into your accounts. They get to know 'you' just by how you use your computer, then use it against you by seeing the businesses that you visit online and store in local files.

I highly suggest use of a password manager like Lastpass with two step verification ENABLED to log in. If you can avoid it, do not accept text verifications. There have recently been social engineering successes where the thief called the cell carrier, pretended they were the owner, gave identifying information they found and requested a new simcard; essentially HAVING the owner's cell phone in-hand. Carriers are more aware of these practices, but it still may happen. Get a hashed number in an authenticator app if possible. Apps like Google Authenticator, are not tied to your cellular service at all.

Lastpass includes extra steps, but it's worth it for security. You can export your user/passwords from Lastpass to a .csv, put it on a flash drive ***with read/write password protection***, then DELETE the csv from your local machine and empty the bin.

As for passwords:

Examples of bad passwords:
123456
password
passw0rd
qwerty
sally1216
bob1950

Examples of good passwords: DO NOT USE ANY OF THESE! Assume someone will try these immediately since they're posted on the internet.
eG%z^SEKb2OE
PTm&0n8v#Sxx
9DYwjN*g8y!U
^Bn3lIm&d33@
&Oc9IeEbtuXi
7o@cBMm8^uuc

As you can see in the good passwords; there's no identifying information, nothing tied to you, nothing tied to your usage and no full words.

Stay safe everyone!

Unless you're using something like Lastpass or similar those are flatly awful passwords Leads to dumb crap like writing them on postIt notes under keyboards... I've never been fully on the security side but I've had my encounters with such silly stuff.

Stringing random words together can be remembered, think the best example I remember reading was something like zenbluejumphorsebutterflies: nearly impossible to dictionary guess, more difficult to brute force than what you have, and best of all don't have to write it down to remember it.

Re: Clustering

jonfive — Sun, 25 Dec 2016 10:45:37 GMT

@Revelate wrote:
Unless you're using something like Lastpass or similar those are flatly awful passwords Leads to dumb crap like writing them on postIt notes under keyboards... I've never been fully on the security side but I've had my encounters with such silly stuff.

Stringing random words together can be remembered, think the best example I remember reading was something like zenbluejumphorsebutterflies: nearly impossible to dictionary guess, more difficult to brute force than what you have, and best of all don't have to write it down to remember it.

Totally agree! A mnemonic is the way to go if allowed the character count - but some will not let a customer use something like a 27 character password.

The problem with a remembered password is that they eventually get re-used in multiple places.

Re: Clustering

Revelate — Sun, 25 Dec 2016 11:14:25 GMT

@jonfive wrote:
@Revelate wrote:
Unless you're using something like Lastpass or similar those are flatly awful passwords Leads to dumb crap like writing them on postIt notes under keyboards... I've never been fully on the security side but I've had my encounters with such silly stuff.

Stringing random words together can be remembered, think the best example I remember reading was something like zenbluejumphorsebutterflies: nearly impossible to dictionary guess, more difficult to brute force than what you have, and best of all don't have to write it down to remember it.

Totally agree! A mnemonic is the way to go if allowed the character count - but some will not let a customer use something like a 27 character password.

The problem with a remembered password is that they eventually get re-used in multiple places.

True but a small variation wouldn't be hard say butterflies = barclays, antelope = amex, cheetah = chase etc.

The bigger problem as you suggest is lenders (and others) that only allow 8 characters and similar utter stupidity like that for passwords. So last millenium, get your crap together .

Re: Clustering

jonfive — Sun, 25 Dec 2016 11:14:10 GMT

@Revelate wrote:

True but a small variation wouldn't be hard say butterflies = barclays, antelope = amex, cheetah = chase etc.
The bigger problem as you suggest is lenders that only allow 8 characters and other STUPID crap like that for passwords. So last millenium, get your crap together .

Hah, Yeah!!

Pnc wouldn't even let me use special characters! Dropped them thankfully

Re: Clustering

Anonymous — Sun, 25 Dec 2016 17:25:27 GMT

Forgot to mention my 5th column says utilization.

I PIF all of the cards after each purchase except 2 which i keep total utilization below 10%. Details for the others pretty much stay the same. The chart is only for reference so I dont have to long into each account to remember the terms

Re: Clustering

Anonymous — Sun, 25 Dec 2016 18:31:12 GMT

@Revelate wrote:
@jonfive wrote:
@Anonymous wrote:
I have 10 credit cards. I have three word documents I keep hidden on my computer and keep triplicate copies on flashdrives.

1) Websites of all issuers with handle and password.
2) Names of all issuers and how much I owe for the month.
3) Names of all issuers and when I was approved, APR%, date payments are owed and last date I received a CLI.

It seems to be a very organized system for me.
Just looking out for you and other forum members that read this thread here; mean no offense to your methods

Please don't put usernames and passwords in one file - if someone gets ahold of it, they have it all.. If you insist on continuing using word docs, spread them out to multiple password protected docs with no identifying information as to what they are or don't put them in a word doc. For 'hidden' files; if you accessed it at all, they can find it. It may as well be on your desktop.

While you can password protect a word doc, the password can be bruteforced - there's no protection stopping someone from doing so. They'll take all the time they need to do it because there is no protection. No protection from bruteforce = unlimited time to break it. If there were simply a "24 hours before you can try again", they'll wait 24 hours and continue. Costs them nothing and you everything.

If there's any identifying information used in any of your passwords (dates, names, places, times etc), someone would have every avenue to research it through your own browser, files, social media accounts and email. Thus making the bruteforce of your passwords much faster- if not instant. Also by having access to all of this information stored on your computer they have the ability to social engineer their way into your accounts. They get to know 'you' just by how you use your computer, then use it against you by seeing the businesses that you visit online and store in local files.

I highly suggest use of a password manager like Lastpass with two step verification ENABLED to log in. If you can avoid it, do not accept text verifications. There have recently been social engineering successes where the thief called the cell carrier, pretended they were the owner, gave identifying information they found and requested a new simcard; essentially HAVING the owner's cell phone in-hand. Carriers are more aware of these practices, but it still may happen. Get a hashed number in an authenticator app if possible. Apps like Google Authenticator, are not tied to your cellular service at all.

Lastpass includes extra steps, but it's worth it for security. You can export your user/passwords from Lastpass to a .csv, put it on a flash drive ***with read/write password protection***, then DELETE the csv from your local machine and empty the bin.

As for passwords:

Examples of bad passwords:
123456
password
passw0rd
qwerty
sally1216
bob1950

Examples of good passwords: DO NOT USE ANY OF THESE! Assume someone will try these immediately since they're posted on the internet.
eG%z^SEKb2OE
PTm&0n8v#Sxx
9DYwjN*g8y!U
^Bn3lIm&d33@
&Oc9IeEbtuXi
7o@cBMm8^uuc

As you can see in the good passwords; there's no identifying information, nothing tied to you, nothing tied to your usage and no full words.

Stay safe everyone!
Unless you're using something like Lastpass or similar those are flatly awful passwords Leads to dumb crap like writing them on postIt notes under keyboards... I've never been fully on the security side but I've had my encounters with such silly stuff.

Stringing random words together can be remembered, think the best example I remember reading was something like zenbluejumphorsebutterflies: nearly impossible to dictionary guess, more difficult to brute force than what you have, and best of all don't have to write it down to remember it.

Also, I don't know how much effort it is worth putting into a credit card account login. Much more likely to be hacked at the bank, as far as I remember none of the accounts show SSN, so at best they have a credit card number (with no expiration date or CVV) And you aren't responsilbe anyway. Online bank accounts do need more protection as you can send money anywhere and probably much more work to get it back.

Re: Clustering

vanillabean — Sun, 25 Dec 2016 20:44:51 GMT

@Anonymous wrote:

Nice analysis! And I think it addresses one big part of the "I have too many cards" But there is still some other stuff, some people get overwhelmed (or if they are on here, there SOs get overwhelmed!) by things like deciding which card to use for a transaction. So even in the best cluster case, with all UR cards, I might have to remember which categories Freedom is on this quarter, or will Ink give more rewards here than FU etc.

At the end of the year, it’s a never-ending form of amusement to me to consolidate having the payments of my bills automated. If I should happen to be stuck on a desert island with little more than a beer tap and some Rockette, it’s comforting to know that little can go wrong while I’m away from home.

The two Chase and Amex logins take care of most of my credit cards. The iPhone’s clustering Touch ID is a great help in my everyday life, not to forget the spreadsheet which keeps the checking account above zero, the one thing that’s hard to automate; an as needed transfer from your retirement would work.

So simple does it, but knowing to value it is not helped by our easy access to credit cards and the data overload in this day and age, of continuously being distracted and yes overwhelmed. Perhaps Ambrose LeVan, who remembers what Christmas was like 100 years ago, said it best.

"It’s disheartening to see kids with so many presents take them and tear off the covering like it’s another piece of junk," he said. "They’re opening them without any real appreciation for what went behind that gift — the thought in selecting it, the cost of it."

Re: Clustering

wasCB14 — Tue, 27 Dec 2016 09:13:02 GMT

@wasCB14 wrote:
If you have a CSP or CSR, having a Freedom and Unlimited can really boost the UR earning rate with no extra AFs. If you have a problem with either of the no-AF cards, you can call the Sapphire line for good customer service. It’s like the Freedom and Unlimited just become extensions of the CSP/CSR….they become one card. Lots of people like this overlap. You can add in Ink cards, too.

This advantage was useful today. I had some 100% fraudulent card-not-present fraud on Freedom and called the back-of-card CSP line, and was then transferred to Security. The rep in the regular Security department redirected my call to the Executive team which seemed an unnecessary delay for something straightforward and within the Security department's expertise.

Still, I'd certainly rather *be slightly delayed and* deal with the Executive team than some of the clowns at other banks. It was a case of my Freedom acting like a CSP with occasionally better rewards.

Re: Clustering

Dalmus — Tue, 27 Dec 2016 14:38:42 GMT

@Anonymous wrote:
Forgot to mention my 5th column says utilization.

I PIF all of the cards after each purchase except 2 which i keep total utilization below 10%. Details for the others pretty much stay the same. The chart is only for reference so I dont have to long into each account to remember the terms

The spreadsheet I developed for myself (yes, it is stored as a protected file with an irelvant name inside a protected folder with and irelvant name on a protected flash drive kept in a fire safe.. how's that for paranoid?) is a little more in-depth, because I found that it just works better for me. I fully admit I'm a little anal with my credit recovery.

Here are my columns:

CLI History-Opened-Updated-Account Name-User-Pass-Limit-Balance-Util-Avail-APR-Curent Month-Next Month-Amount Paid-Date Paid-Minimum Due-Due Date

I mark whether a payment has been made/scheduled in the month fields so I can tell at a glance what needs to be addressed. I also have a few color codes in there, as well.

Re: Clustering

Dalmus — Tue, 27 Dec 2016 14:40:49 GMT

@Anonymous wrote:
I have 10 credit cards. I have three word documents I keep hidden on my computer and keep triplicate copies on flashdrives.

1) Websites of all issuers with handle and password.
2) Names of all issuers and how much I owe for the month.
3) Names of all issuers and when I was approved, APR%, date payments are owed and last date I received a CLI.

It seems to be a very organized system for me.

Don't see a lot of people use the term "handle." Are you an old dial-up BBSer, or a HAM operator?