Skip to content
BOL Conferences
Forums · Active Threads · Forum Rules · Mark All Read · Log In
BankersOnline.com Forums Banker Forums eBanking / Technology Passwords
Thread Options
#735100 - 05/17/07 10:08 PM Passwords
LoveHMDA Offline
Gold Star
Joined: Nov 2005
Posts: 283
Does anyone know if there a timeframe (i.e. 60 or 90 days) when we must prompt the customer to change their password when trying to log in to their account online? Is this a requirement or a recommendation from an Interagency standpoint. Thanks for your help!

Return to Top
eBanking / Technology
#737812 - 05/22/07 04:42 PM Re: Passwords LoveHMDA
Phoenix Offline
Platinum Poster
Phoenix
Joined: May 2003
Posts: 832
southeast
Neither Reg. H nor Reg. Y nor even the FFIEC IT booklets get that specific, and a discussion at http://ask.metafilter.com/33434/Password-expiration-best-practices suggests that there is no mandatory time for any industry.
_________________________
From the end spring new beginnings.
Pliny the Elder

Return to Top
#739244 - 05/23/07 09:50 PM Re: Passwords Phoenix
Andy_Z Offline
10K Club
Andy_Z
Joined: Oct 2000
Posts: 27,752
On the Net
Banks have internal requirements and you are reviewed on this. There is no requirement that you impose a similar requirement on your customers. Some banks do. Personally I prefer a requirement for a strong password up front and that it not be required to be changed at an interval.
_________________________
AndyZ CRCM
My opinions are not necessarily my employers.
R+R-R=R+R
Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell

Return to Top

Moderator:  Andy_Z