Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Am I too paranoid about bank security?
1 point by aprentic on Aug 8, 2023 | hide | past | favorite | 5 comments
It seems that some smaller banks still follow outdated security practices. Is that a problem or am I just crazy.

My current bank doesn't seem to support SSO. Their mechanism for linking to external services is to have you store your username and password in the other service and then manually enter the MFA code on each sync.

My previous bank still had an archaic system that required regular password rotation, had weird "complexity requirements" but still wouldn't accept all the "special characters" from a password generated by a pw-manager.

Are these things actually no big deal or are we just waiting on a wave of crime against small banks?



Do you not think that banks practice Defense in Depth to some degree? There are technical measures in place to protect your account and your money, but there are other measures as well, and even if that security fails, banks have recourse to regulations, to the law, and to insurance, as do you, the consumer.

Has something happened to your account that would give you occasion for concern?


Banks already experience a wave of crime. They have mitigations you probably don't know about, and they take the hit. You probably don't face much risk for the bank's shortcomings because of regulation and consumer protection (depending on where you live). If it bothers you switch banks, otherwise don't worry about it.


Isn't there already one? My bank itself is not that big, but they are under the rules of the EU & swift, so it would be problematic to have security issues.


its the banks who are paranoid...in fact its the anti-laundering laws compliance which is forcing us all to ridiculous security practices, with the taxman taking a ride on top of it of course


I take Andrew Jackson's position on banks.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: