On Tuesday 20 of December 2011 17:34:24 Johan Wevers wrote: > On 20-12-2011 16:49, Hubert Kario wrote: > > Yeah, the kind of "protections" banks use is funny. But then, what can > > they do when people forget their passwords 5 minutes after they set them > > or use the same password on facebook and their bank... > > They could use the same system that all banks (minus one, ING, that as a > result is the most attacked one here) in The Netherlands use: 2-factor > authorization. When I want to login I have to put my debet card into a > reader that can access the chip on it. It asks me for a pin code, then I > have to enter a code given by the bank on the login screen, press OK and > enter the response into the browser. The code I get from the bank is > randomly generated by them, and the response depends on the debet card > inserted in the device. Some banks work with code generators that don't > require the use of your debet card. But a simple login/password combo, > no bank would use that here.
I didn't mean the login to a web service. This is, in all cases I saw, always two-factor. I meant the phone service or all the credit card transactions. -- Hubert Kario QBS - Quality Business Software 02-656 Warszawa, ul. Ksawerów 30/85 tel. +48 (22) 646-61-51, 646-74-24 www.qbs.com.pl
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
