Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I stopped counting the number of times I called up banks in the UK to give them grief over their "security". My favourite pet peeve is the Mastercard SecureID and Secured by Visa. Both allow only a few characters with just letters and numbers. I get furious that my very secure passwords are not allowed.

One bank blamed the system, saying the reason it's doing it this way is because it's "American".



My bank insists on a five digit numeric pin to login to the online banking. FIVE NUMBERS EXACTLY. I mean... seriously, WTF?


But you get locked out forever after three tries. Consider the PIN to be a convenient way to not have to call the helpdesk every time you want to access your account, not as a key used to secure your data for eternity.


I wonder how many people's PINs are the first few digits of pi, e, or the Fibonacci sequence.


One number less and hackers would be all over them! Be thankful for that extra number! ;-)


Are they assuming you're too brain dead to remember more?


Does Verified by VISA works (or not working) the same everywhere? I thought each bank has to support it independently, so I'm only blaming my bank for requiring me to use exactly 6-digit numbers as my VbV password.


Not sure how it works outside the UK. The bank I was referring to was adamant it wasn't their fault (I pushed hard) but Visa's.


My VbV password here in Sweden can contain letters, numbers and most special characters without complaint.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: