It first needs your 12 digit online banking code. Think this is the same as my original debit card. Then the 5 digit online banking pass code. Was sent that by post. You can have them remembered.
So the only thing I have to enter is a (randomly asked for) two digits from my memorable word. Which in my case isn't a word.
Presumably you've never registered for smart phone banking, but I thought they sent everyone the "blue calculator" device, without asking?
So if someone steals (or has access to your computer) they only have to guess two characters?
That's why I never let my browser/computer 'remember' for me, it instantly reduces 2FA to 1FA.
They have to guess where to put them, too. I might have expected three characters, though, not two.
my bank asks for 3.
Yes. After posting I remembered that they tell you where to put them :-)
The chances of that happening are practically zero unless it's a laptop. If they want the information that much all they have to do is threaten to cut a finger off.
How many wrong entries do you get before it locks you out?
It is a very bad idea to allow your PC to remember the password for banking.
They do vary a lot now. Lloyds uses password and three characters from magic phrase.
I prefer banks that allow you to customise their home page with a personal greeting and/or picture. That makes for a very secure login. A mimic look-alike site can't guess what you have chosen.
Most now tell you to put the last 4 digits of your bank card into the
2FA device and then enter your PIN. It shows a 6 digit OTP code which effectively "proves" to the satisfaction of the bank that you are you.Of course you could be only doing it under duress (or have been tricked into doing it by some clever social engineering on a phone call).
That's what I get but there's no need to remember the membership number as the site can be set to do this. I have no problem with this as I don't regard a 'membershp number' as being any more sensitive than an email address when it is then followed by a secure log-in.
I don't think a debit card has a limit. The 'limit' is governed by the available balance of your bank account (taking account of any overdraft facility). I once bought a car with a debit card and this presented no difficulty.
A thoroughly bad idea. If someone enters your house while your computer is on they can steal your money. I think this could be regarded as a similar level of negligence to writing the PIN on a Post-it note.
No cookie lives longer than a day in this house ...
Well, I may be less risk-averse than you. I have CCleaner set up to save cookies that I trust, which includes those from Barclays.
I've done this, too. The first time, a phone call to the bank was needed to confirm who I was. That was in the days of real Bank Managers.
But surely anyone encountering an unattended switched on PC would come up against a PIN protected screen lock. This is a trivial inconvenience to give a great deal of security. Or are you suggesting that money can still be stolen with a screen-locked PC?
Also to set up a new payee most banks need some form of 2FA so if you are out with your mobile phone (and your bank card) they would not be able to set up a new payee.
I would be more worried about hackers/scammers getting at the PC from outside the house and interrogating the browser password store.
I have one of those pinsentry devices. But only time I seem to need it is when setting up a new payee - previous ones are remembered. I do have the Barclay's app on my phone, but only ever used it to pay in a cheque. And contactless payments. What I'd call banking I usually do at home on the laptop.
Some chance out of 8 and with only 3 goes.
IIRC, 3. And my memorable word isn't actually a word nor is it stored anywhere on my system. Only way to find it would be me, or hacking the Barclay's system.
It isn't my password. It's one they sent to me.
It also needs another I made up.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.