I’m lucky my banking app works (GrapheneOS), as it’s now requiring 2FA with the app anytime I login on the browser. Can’t use an actually secure form like TOTP. At least they now allow passwords over 8 characters (yes, serious).

(Meme in comments)

  • MTK@lemmy.world
    link
    fedilink
    English
    arrow-up
    36
    ·
    9 months ago

    I hate this so much!

    My bank is like that and another horrible thing is that after you choose your password (which can be long and complex) you need to choose a 6 DIGIT restore code incase you forgot your password…

    Why is is my BANK so bad at security??

    • Kairos@lemmy.today
      link
      fedilink
      English
      arrow-up
      15
      ·
      9 months ago

      Wait

      You have a second password that’s (opens calculator) 20 bits of entropy???

    • Dnn@lemmy.world
      link
      fedilink
      English
      arrow-up
      9
      ·
      9 months ago

      And they all develop their own shitty app for 2FA (the lazy ones just rebrand SecureGo as their own - you still have to install all of them separately) instead of using the 15 year old TOTP standard. The latter is good enough for tiny companies like Google and Amazon but what do they know about itsec, right?