Password Fail! Lessons from LI's epic fail! Just imagine what our customers are using as their "secure" passwords to access their online banking accounts.
IMO- We as an industry need to be pushing our service providers harder for better control over acceptable passwords... the FFIEC guidance doesn't address a few fundamental problems with many online banking systems...
1) Many are not true "Multi-Factor"...
2) Password strength comes only in the form of alphanumerics and special characters
Curious to see what thoughts people have on this issue? If customers don't seem to want to take the initiative, should we be taking in for them?
Should we be requiring better, stronger, more dynamic passwords? Should we be pushing our online banking providers to adopt better password technology tools??
Cheers!