I use a password manager.
I have a different password for every site.
My passwords are as long and as random as they can be.
I’m extra wary about online banking setup due to the impact of any breach.
I was setting up a new account with a well known high street bank last night and was amazed that:
The password can only be a maximum of 12 characters.
The password can only contain alphanumeric characters – no punctuation allowed.
There is a secondary question (and two questions for password resets) – these questions are pre-defined and there is no option to choose your own question. (Is my mothers maiden name or my first employer really a secret?)
My Solution
Don’t answer the questions that are being asked. Store (in the password manager) a long random password that DOES include all available characters against the questions being asked.
Another pet peeve – don’t ask me to provide a subset of characters from my password unless you can explain to me how you can resolve this by only storing a salted hash of my password rather than storing it in plain text.
2 replies on “Online Banking Security – Password Limitations”
tag:facebook.com,2013:10155539406199623_liked_by_10154985964204565
Iain Kane
https://www.facebook.com/639024622/posts/10155539406199623#liked-by-10154985964204565
tag:twitter.com,2013:880719122954412033_favorited_by_370893025
Claire Campbell
https://twitter.com/RossGoodman/status/880719122954412033#favorited-by-370893025