Thanks jr for the clarification. Would I be correct then in saying that the security protocols for online are more aimed at the risk factor of having some exchange holding them than an actual personal hacking risk on a general user's computer? In the same context as your Target example: always have good passwords for stuff you do online but with 3rd party sites dealing with your money, extra security is best. Common sense more than some immediate looming threat?