Better n'th character and m'th character handling. It's bad having to show pwd in big text.

Anonymous

3 years ago

Excellent to see this advice being actively promoted.

When you write your next letter, it would be marvellous if you could also encourage them to OFFER at least (if mandating is too intrusive), then to at least OFFER support for MFA via FIDO2 / WebAuthn hardware tokens such as Yubikey.

Far too many banks have decided to meet EU security legislation by implementing the weakest form of MFA, i.e. by sending texts, which as you know, are not even remotely secure. It would be laughable if the subject was in any way funny.

I find it staggering that these large institutions with vast IT resources are so completely hopeless when it comes to implementing modern security frameworks. One of my banking customers in a former life had 1000's of user licenses for their analytical risk management software, so they seem to take that seriously. But when it comes to retail banking and the need to keep their customers secure, they relying on SMS messages for 2FA??? Bizzare.

Forum Discussion

Better n'th character and m'th character handling. It's bad having to show pwd in big text.

Featured discussions

PSA: Extension going blank or unresponsive in Chrome? Here's what we know

Recent discussions

I used 1password for Android 11, but I can’t anymore.

The frequency with which 1Password forgets the last-selected collection has suddenly increased

Login not populated for just one site

Cmd+1 Shortcut

Feature Request: Passkey export support