Posted Sunday 13th January 2008 13:47 GMT
It boggles the mind that someone actually uses public PC for anything sensitive.
Also amazing is that there are still banks that do not have some kind of one time password system to prevent someone from stealing account info with just a simple key logger.
I got my first online bank account in 1998 or so, and even then the bank I was using used one time passwords in piece of paper, where you crossed passwords out after each use.
Posted Monday 14th January 2008 09:34 GMT
> amazing is that there are still banks that do not have some kind of one time
> password system
Yeah. I agree. My primary bank uses a unique system that requires one to have a registered cellphone number (or a SMS-enabled landline phone) with them, and each time a transaction is carried out online an SMS (text message for the stateside folks) with a 6-digit code is sent to the registered phone, and the transaction will refuse to proceed until the code is entered into the page. This method has two advantages:
1. Stall the thief as he tries to brute force through your account as he'll never get the code (certain exceptions apply i.e. he has somehow managed to pull off some sort of suave social engineering with the bank to change the SMS phone number), and
2. It alerts you when someone is accessing your account and is trying to do stupid things with it.
I was surprised that such feature wasn't available on another bank account I opened when I switched jobs last year (had to, the job refuses bank money straight into my primary account).
Posted Monday 14th January 2008 11:40 GMT
No one in my office has that facility; I'm assuming you're UK from the SMS/stateside remark?
Cheers,
Back to the article