@Anonymous wrote:
@Anonymous wrote:
I remember a system called nem-id when I was in Denmark. They send you a card with a bunch of one-time-use passwords, and each time you log on it asks you to match the password number printed on the card. It was a very secure system, but if you forget to take it with you on travel or lose the card, you can't log on until you have the card.
Yes. Hopefully more will move towards soft tokens which are generated by an app on a smart phone, which you are more likely to have with you!
If a gaming company can make a mobile authenticator, I don't see why credit card companies can't, but then again that'll cost the credit card company money, so.... I don't think it's gonna happen soon.
@Gunnar419 wrote:
Yes, it definitely worries me that so many banks have case insensitive passwords. I knew Amex did, but didn't know about those others.
It also worries me that so many companies limit the length of the password and forbid certain symbols to be used. We should have access to EVERYTHING that helps make our passwords more secure, period. In this day and age it's completely crazy to place requirements that make passwords less secure.
Also though, for our own part, we shouldn't be using the same password from bank to bank, but should use a different one for every login.
What this means is the password is being stored in plain text, not hashed, in the bank's database. When you hash a password, the password abcde and asdlkfjdfsgoihjskljvnsclkuv haepovjdobvuhsdfpohjdfpo take the same amount of space to store. When the bank limits you to 12 or 16 characters, that means they are storing them in the database unhashed. Also, with a hashed password it does not matter which characters you put in your password.
It is simply amazing how insecure our banking is.
Dan
@Anonymous wrote:
@Anonymous wrote:
@Anonymous wrote:
I remember a system called nem-id when I was in Denmark. They send you a card with a bunch of one-time-use passwords, and each time you log on it asks you to match the password number printed on the card. It was a very secure system, but if you forget to take it with you on travel or lose the card, you can't log on until you have the card.
Yes. Hopefully more will move towards soft tokens which are generated by an app on a smart phone, which you are more likely to have with you!
If a gaming company can make a mobile authenticator, I don't see why credit card companies can't, but then again that'll cost the credit card company money, so.... I don't think it's gonna happen soon.
I don't think it is about the cost of the tokens. It is actually about the cost of support calls. The support problems this causes for companies are huge.
@Anonymous wrote:
What about SmOrgasBoArD?
Lol! Just thinking that.
@Gunnar419 wrote:
Yes, it definitely worries me that so many banks have case insensitive passwords. I knew Amex did, but didn't know about those others.
It also worries me that so many companies limit the length of the password and forbid certain symbols to be used. We should have access to EVERYTHING that helps make our passwords more secure, period. In this day and age it's completely crazy to place requirements that make passwords less secure.
Also though, for our own part, we shouldn't be using the same password from bank to bank, but should use a different one for every login.
Actually, I do. Only some minor non-sensitive accounts use the same, and even those get varied. All others are different and stored.
Wow, I had no idea Chase and some others weren't case sensitive. I've been capitalizing letters every time I logged in. I just tried it and I'm in. Very bad security. But now I'll save time when I enter my PW. Hopefully they update this though.
@Kellan wrote:
@Gunnar419 wrote:
Yes, it definitely worries me that so many banks have case insensitive passwords. I knew Amex did, but didn't know about those others.
It also worries me that so many companies limit the length of the password and forbid certain symbols to be used. We should have access to EVERYTHING that helps make our passwords more secure, period. In this day and age it's completely crazy to place requirements that make passwords less secure.
Also though, for our own part, we shouldn't be using the same password from bank to bank, but should use a different one for every login.
What this means is the password is being stored in plain text, not hashed, in the bank's database. When you hash a password, the password abcde and asdlkfjdfsgoihjskljvnsclkuv haepovjdobvuhsdfpohjdfpo take the same amount of space to store. When the bank limits you to 12 or 16 characters, that means they are storing them in the database unhashed. Also, with a hashed password it does not matter which characters you put in your password.
It is simply amazing how insecure our banking is.
Dan
I don't think you can conclude that from the length. It's certainly possible that their hash function has a limited input length (although I agree they shouldn't care about the characters). I would be very surprised if they are stored in plain text in any bank these days.
I can't believe I opened this thread thinking this was going to be about passwords that could offend others
Perhaps someone can help me in explaining why this is a big deal. The way I see it, someone either knows my password EXACTLY or doesn't. I can't think of a situation where someone knows my password but can't remember if I capitalized the first letter or not. Not to mention that if someone has my password without hacking techniques, it's probably my fault for giving it to them. If they get the password from hacking techniques (whatever those might be), the person probably has my EXACT password.
In a situation where the account is being accessed from a different computer, most companies ask additional questions or send a temporary code to a verified mobile device.
@SnackTrader wrote:
Perhaps someone can help me in explaining why this is a big deal. The way I see it, someone either knows my password EXACTLY or doesn't. I can't think of a situation where someone knows my password but can't remember if I capitalized the first letter or not. Not to mention that if someone has my password without hacking techniques, it's probably my fault for giving it to them. If they get the password from hacking techniques (whatever those might be), the person probably has my EXACT password.
In a situation where the account is being accessed from a different computer, most companies ask additional questions or send a temporary code to a verified mobile device.
Simply because it greatly reduces the space that hacking techniques would need to search. So I do a dictionary type search, and check password1, PASSWORD1, paSSwoRD1 etc. But if the hacker knows bank X is case insensitive, I just check password1 and move on if that fails.
Now if this makes any practical difference, probably not, as big attacks would be mounted in different ways than just trying to get Joe User's bank password (only to discover the checking account has $6.34 in it!)
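An added example, not part of any post in this thread: it shows two points raised above, that a password hash has the same stored size whatever the password's length, and how many spellings collapse into one when a login ignores case. PBKDF2-HMAC-SHA256, the iteration count and all function names are assumptions chosen for illustration, not any bank's actual scheme.

```python
import hashlib
import hmac
import math
import os

ITERATIONS = 100_000  # assumed work factor for this example only

def hash_password(password: str, salt: bytes, fold_case: bool = False) -> bytes:
    """PBKDF2-HMAC-SHA256 digest; fold_case models a case-insensitive login."""
    if fold_case:
        password = password.casefold()
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)

def verify(candidate: str, salt: bytes, stored: bytes, fold_case: bool = False) -> bool:
    """Constant-time comparison of the candidate's digest with the stored one."""
    return hmac.compare_digest(hash_password(candidate, salt, fold_case), stored)

def case_variants(password: str) -> int:
    """How many upper/lower spellings collapse into one under case folding."""
    return 2 ** sum(1 for ch in password if ch.upper() != ch.lower())

def bits_lost(length: int, sensitive: int = 62, folded: int = 36) -> float:
    """Entropy lost for a random a-z/A-Z/0-9 password once case is ignored."""
    return length * (math.log2(sensitive) - math.log2(folded))

if __name__ == "__main__":
    salt = os.urandom(16)
    # Constructed sample passwords, echoing the ones used in the thread.
    short, long_ = "abcde", "asdlkfjdfsgoihjskljvnsclkuv haepovjdobvuhsdfpohjdfpo"
    print(len(hash_password(short, salt)), len(hash_password(long_, salt)))
    strict = hash_password("paSSwoRD1", salt)
    folded = hash_password("paSSwoRD1", salt, fold_case=True)
    print(verify("password1", salt, strict))
    print(verify("password1", salt, folded, fold_case=True))
    print(case_variants("paSSwoRD1"), round(bits_lost(8), 2))
```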