Why would you want a decent password? It’s only money!

I guess it goes without saying that I’m fairly technically literate and as such I’m pretty well versed in both what makes a strong password and actually using them. I actually have a pair of passwords, one that I use for what I consider my more important logins (company accounts, servers and the like), and another that is for lesser services that if I lost or it got hacked then it wouldn’t be a major compromise of anything.

Given this it’s always particularly disappointing when I find something that I really want to use a strong password for but can’t, because the service in question can’t handle how strong my password is.

Take my new bank account with Lloyds TSB. The password for the internet banking is 6-15 characters, must contains letters and numbers, but cannot contain any spaces or anything non-alphanumeric. Bang goes about 4 characters from my strong password.

Lloyds aren’t alone either. I also have a savings account with Citibank. To log in to their online banking I am not allowed to type in my password by hand, instead I must use an onscreen keyboard with my mouse. Now I’m not quite sure what this is meant to serve, all it does is enter the characters into a regular html input box, you know, easily readable from an add-on or other form of spyware. And even worse the keyboard gives me just 51 possible characters to choose. At least Lloyds let me use both upper and lower case!

Maybe all these places having quite different restrictions on what characters I can use in my password is a cunning ploy to make me use a different password everywhere, but I find it a little disturbing that I’m able to use a stronger password with my online pizza delivery place than with my bank accounts holding thousands of pounds of savings.

3 thoughts on “Why would you want a decent password? It’s only money!

  1. On-screen keyboard gets by a keystroke capturing program. Lots of trojans have these and send a list of everything you type to their originator. They just look for you typing the address of a financial institution and then pay attention to the characters that follow, if you use an specially crafted on-screen keyboard, or don’t type the characters in order, you can fool them.

    - mawrya

  2. The on-screen keyboard sounds like a BAD idea for whenever you have others around you. It may get around keyloggers but someone standing behind you could easily read it.

  3. I had to make an intermediate password to accommodate services which won’t accept my strong one. Ridiculous. I considered learning windows alt-codes for weird characters (example: ±), but I guess there would be no point.

Comments are closed.