OT Bank relaxes security. Acceptable?
Is there a good newsgroup for internet security (not involving viruses
Until then, this is what I got when I logged into my bank account just
now to check my balance:
"We're simplifying the way you sign in
You'll soon be able to sign in with one step by entering your Online ID
and Passcode on the same page. SiteKey® the image you used to see
before entering your Passcode is no longer part of the way you sign in
to Online Banking.
This simpler sign-in will be introduced on our different sites before
the end of the year.
To help ensure you're on the real Bank of America website before you
sign in, check your browser address bar for:
Lock icon "
Of course that is the way it was originally, putting in the ID and
password on the first page. That was it for the first few years.
It was their idea to have a SiteKey in the first place, an image that
they chose that I would see on the screen that showed me I was actually
communicating with whom I thought I was, the bank**
. Now they have 3
things, the list at the end above, but none of them are personalized for
me. Anyone with an account would get these same three things and could
duplicate them in a phony site (the existance of which, one which would
intercept my attempt to get to them, was a concern when they came up
with the SiteKey".
Because no one else would know what they showed on my screen. Even if
there were a key-logger on my computer, it wouldn't read what came in,
iiuc, that is, the sitekey, the little sketch they showed me and maybe
1000th of their online customers. (That is, they had 1000 sketches,
and if I didn't get the one I expected, I should stop what I was doing
and not put in my password.)
Do you do online banking with other banks? Do they have something
like the SiteKey, a password or picture they send to you, instead of the
other way around, so that you know you're talking to them, in the same
way they want a password from you so they know they're talking to you?