BNZ internet banking password length increased

Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.

Forums › Finance and wealth management › BNZ internet banking password length increased

dfnt

1553 posts

Uber Geek
+1 received by user: 1036

Trusted

Lifetime subscriber

#230419 23-Feb-2018 10:07

Just FYI

Logged on this morning to be greeted with a message saying BNZ have increased their password length, nice, new limit is now 60 characters

Forever their stance has been they didn't need long password lengths because of the NetGuard card, so this is a nice change

Quic referral link https://account.quic.nz/refer/276294 free setup code R276294EBWOBK

1 | 2

5655 posts

Uber Geek
+1 received by user: 3978

ID Verified

Trusted

Lifetime subscriber

#1962805 23-Feb-2018 11:14

I guess I can live with 60.. better than the old limit.. I was running with 64 as my standard length but dropped it down because so many damn websites refuse to take 64 character passwords.

I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup. Opinions are my own and not the views of my employer.

Wheelbarrow01

1784 posts

Uber Geek
+1 received by user: 2638

Trusted

Chorus

#1962956 23-Feb-2018 13:23

Lias:

I guess I can live with 60.. better than the old limit.. I was running with 64 as my standard length but dropped it down because so many damn websites refuse to take 64 character passwords.

I dunno whether it's just because it's Friday and I am worn out or what, but I really can't decide whether you are taking the p!ss or not....

Lias

5655 posts

Uber Geek
+1 received by user: 3978

ID Verified

Trusted

Lifetime subscriber

#1962981 23-Feb-2018 13:58

Wheelbarrow01:

Lias:

I guess I can live with 60.. better than the old limit.. I was running with 64 as my standard length but dropped it down because so many damn websites refuse to take 64 character passwords.

I dunno whether it's just because it's Friday and I am worn out or what, but I really can't decide whether you are taking the p!ss or not....

Not at all. I use a password manager, and unique long passwords for every site, along with unique email addresses for each site, and 2FA where possible. Data compromises are so common now that doing anything but that is a non trivial security risk.

cadman

1014 posts

Uber Geek
+1 received by user: 557
Inactive user

#1962995 23-Feb-2018 14:25

Lias:

I guess I can live with 60.. better than the old limit.. I was running with 64 as my standard length but dropped it down because so many damn websites refuse to take 64 character passwords.

Pure VPN have a upper limit of 12 characters. Numbers, upper and lower case letters only. No special characters. But it accepts any length and characters when you set the password - it just won't let you log in with it. I kid you not.

Got this when I tried to post my original message hahaha it's certainly a bad word to me!

Talkiet

4819 posts

Uber Geek
+1 received by user: 3934

Trusted

#1963012 23-Feb-2018 14:56

Better than Westpac who STILL actively defend case-normalising password inputs. So 'PassWORd' is the same as 'password' or 'PASSWORD'

Cheers - N

Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

dfnt

1553 posts

Uber Geek
+1 received by user: 1036

Trusted

Lifetime subscriber

#1963097 23-Feb-2018 17:13

I normally do ~25 character random generated passwords, long enough but not long enough to be tedious when typing out manually

Quic referral link https://account.quic.nz/refer/276294 free setup code R276294EBWOBK

Lego

Shop now for Lego sets and other gifts (affiliate link).

epr

267 posts

Ultimate Geek
+1 received by user: 132

Lifetime subscriber

#1963100 23-Feb-2018 17:22

Talkiet:
Better than Westpac who STILL actively defend case-normalising password inputs. So 'PassWORd' is the same as 'password' or 'PASSWORD'

Cheers - N

I would scoff at this but blizzard does the same for battle net passwords from memory they will accept special and ascii characters and you can get 2fa but still.

Here is my Quic referral https://account.quic.nz/refer/39513 if you are keen to change ISP and to get free setup (save $29). I will get a $50 credit if you use this. Thank you very much if you use my link but I'm sure there are quite a few others who could share the same on here, no hard feelings if you use a different link.

richms

29098 posts

Uber Geek
+1 received by user: 10208

Trusted

Lifetime subscriber

#1963225 23-Feb-2018 23:19

They lock you out after too many wrong guesses so its not a major like things that people can grind at all day.

If the banks encrypted password file gets taken then I think there are bigger things for them to worry about than the customers passwords. Not like some crapbox forum site running phpbb where they seem to leak them like sieves.

Richard rich.ms

jjnz1

1371 posts

Uber Geek
+1 received by user: 195

Lifetime subscriber

#1963279 24-Feb-2018 08:20

I mostly use randomly generated 16 character passwords. Most sites accept this that I have seen.

I think it is a good compromise between ease of manually typing in, and securing my data.

Now the question is, how many of you secure your password manager with the same or stronger level of password?

From my experience, first I get people to use a password manager and use randomly generated long passwords, then over time I get them to make their password manager password stronger. No point having a 6 character password securing your password manager..

Lias

5655 posts

Uber Geek
+1 received by user: 3978

ID Verified

Trusted

Lifetime subscriber

#1963322 24-Feb-2018 10:08

jjnz1:

I mostly use randomly generated 16 character passwords. Most sites accept this that I have seen.

I think it is a good compromise between ease of manually typing in, and securing my data.

Now the question is, how many of you secure your password manager with the same or stronger level of password?

From my experience, first I get people to use a password manager and use randomly generated long passwords, then over time I get them to make their password manager password stronger. No point having a 6 character password securing your password manager..

My password manager password is 16-20 characters, upper, lower, numeric and special, and I have 2FA, forcibly disconnect any existing sessions when I login, and require the password again to view/edit rather than just inject passwords.

I don't think I can practically do much more to secure it.

sonyxperiageek

2984 posts

Uber Geek
+1 received by user: 397

Trusted

#1963327 24-Feb-2018 10:28

Biggest question is do these Password Managers have decent apps for phones? It's such a pain when one of the apps on the phone suddenly decides to log you out and you have to type in that long ass password again.

Sony

Dell

Shop now for Dell laptops and other devices (affiliate link).

richms

29098 posts

Uber Geek
+1 received by user: 10208

Trusted

Lifetime subscriber

#1963336 24-Feb-2018 11:10

Lastpass can type into things on my old note 4 fine, but on the redmi phone its never popped up and worked, and on a s7 I was using for a while I had its filling accesibiliuty service keep disabling and not working, but that could have been something else on the phone doing it because it was one I was borrowing to phone sit for someone who was overseas.

Richard rich.ms

sfrasernz

234 posts

Master Geek
+1 received by user: 13

#1963378 24-Feb-2018 13:01

What are those using for a Password Manager? I've used Password Safe for years which syncs to Dropbox and has an okay mobile app.

FineWine

3111 posts

Uber Geek
+1 received by user: 2440

Trusted

Nurse (R)

Lifetime subscriber

#1963547 24-Feb-2018 16:13

1Password for macOS & iOS across iMac, 2 iPhones & 2 iPads, Safari & Firefox works a treat. Been using it since the early days. Plus macOS Keychain Access across all those devices. The new update this week addresses the latest way that banks are securing their sites.

Whilst the difficult we can do immediately, the impossible takes a bit longer. However, miracles you will have to wait for.