Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor. If investing please consider our affiliate links for new accounts: Sharesies or Hatch. To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification
Well as the title suggests, ASB online banking passwords don't seem to be case sensitive. I first noticed it when I tried to add complexity to my password, however was told I can't reuse my existing password. So I tried logging on using an incorrect password (adding upper case letters where there shouldn't be) and can happily login.
Can any other ASB customers try replicate this?
Their website says they should be... but clearly not.
Hi everyone and please allow us to contribute to this discussion on password features. We have been reading your comments and have interacted with many of you previously on this issue when you have raised your concerns directly with us. We acknowledge that customers want to be able to use longer passwords and passwords that are case-sensitive. As a few of you have already pointed out, two-factor authentication is available either by SMS or token if you'd prefer an extra layer of security each time you log in. Some risks to password authentication, such as phishing and theft by malware, are not solved by stronger passwords so two-factor authentication remains a good option.
We currently have a programme underway which will address many of the concerns raised here. At present we don't have concrete delivery timeframes that we can share with you, but we undertake to do this when we are able to. Password security is a complex area, and as it affects nearly all of our customers, we want to make sure when we introduce changes that we get it right. For those of you who would like to be involved in user testing an early release, please email us at email@example.com and we will be in touch closer to the time.
We do reiterate that two-factor authentication is an option you can enable at login. There is no charge for the SMS messages, or if you prefer a token there is a monthly $1 charge (ideal if, for example, you travel overseas). This can be enabled within FastNet Classic via Personal Details/Set Netcode at Sign on. You can also set your Netcode daily limit to be as low as you like (down to $1) depending on your risk appetite. This will trigger a Netcode for those eligible payments over that cumulative daily limit. Lastly, our fraud team is constantly on the go behind the scenes, reviewing suspicious transactions and alerting customers about unusual activity on their accounts.
Thank you again for all the frank feedback and comments on this thread, and we look forward to sharing the changes with you when we are able to.
- Fiona Colgan, General Manager Digital
Social Media team, ASB Bank Ltd www.asb.co.nz/social