Either by sending a code to SMS or Email, you are able to sign into your account without ever needing to or being able to add a password. Why has this become a thing recently?
Either by sending a code to SMS or Email, you are able to sign into your account without ever needing to or being able to add a password. Why has this become a thing recently?
My previous bank does this sends an SMS. Extremely insecure & also pointless if a would be thief has my phone (if im stupid enough to use no/easily guessable PIN) or has compromised it.
Is there not an argument that password managers have been around long enough now that anyone reusing logins & easily guessable passwords responsible for their own stupidity? We all know not to leave our doors & windows wide open when we go on vacation.
banks have the most obnoxious, yet the stupidest security measures.
Banks are the web sites most likely to reject a generated password from my password generator
It’s been a few years, I dont know if they ever fixed it…
However, at least as of 2022, Wells Fargo (the 4th largest bank), had case insensitive passwords.
If you made your password
hUnTer2, you could also log in withHUNTER2,hunter2,HUntEr2, etc.All I can say is: Take my money!
How stupid of WF.
you underestimate how bad a lot of people are at using technology. something like banking can be a necessity and must be accessible to all. many banks should encourage more secure MFA but i understand why they can’t require it.
sometimes people just need to learn
we don’t always need a race to the dumbest bottom
accessibility must not mean sacrificing security
you’re asking the refugee who just immigrated, is learning the local language, and may not have had as much exposure to web banking systems and MFA and many aspects of cybersecurity to figure out how to set this up and manage it well without accidentally losing access.
you’re asking the old retiree who has no family left to help them and doesn’t understand technology very well but understands how to open the shortcut to the banks website and check their texts to suddenly understand a much more complex system than they’re used to.
you’re asking the young adult whose school didn’t teach them about technology and they were too poor to have much of their own to instantly learn about even more tools and apps on top of trying to adjust to using technology in general.
I’m not saying that improving security or moving towards a more secure baseline is bad, but for some critical public services security absolutely does not always trump accessibility. cybersecurity and technology education is more necessary at all levels and must equitably taught, but that will take time, resources, and effort. there are ways to improve security without compromising accessibility.