Friday, November 19, 2010

You Call That "Security"?

Ok, so my "security-minded" bank requires you to change your web portal password at 45-day intervals. Further, they require a minimum password length and you can't re-use a password within ten change. Oh... and these rules are in place for a service that gets used once every 30 days (so, it's not like you get a chance to memorize your password by frequent use).

Even more fun is that: A) they don't have an online password reset tool once you get locked out; and, B) they only have CSRs available M-F during business hours.

Toss in the fact that passwords may not contain the types of characters I use to make my passwords "suitably complex":

...and this bank's authentication system is kind of a joke.

No comments:

Post a Comment