Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




14693 posts

Uber Geek

Trusted
Lifetime subscriber

#152324 23-Sep-2014 18:51
Send private message

I have a problem with ASB.

Their password system is a bit old fashioned. About once a year something happens and I end up having to change my password. I store them in 1Password because it simply isn't possible to remember a password like xCddG5eEx72StJJ9t or something. Actually it would't be that long as they have to be 8 letters. It would be that random.

The problem is that if you forget it, you have to ring them. Then you have to remember ANOTHER password or they won't talk to you. They make you go to a branch.

This is fine if you live in a city. However to go to a branch it is around a 65km round trip for me!
 
Last week they rang me and said they had cancelled my access because of a fraudulent access attempt (may actually have been me, with a VPN active and pretending to be in the UK but not sure!) so I had to do the whole reset thing.

Now 1Password seems to have remembered the wrong password and I cannot get in again, so now I have to make a 65km journey and I am none too happy.

What other banks offer a more sane approach to this?!





View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
23454 posts

Uber Geek

Trusted
Subscriber

  #1134795 23-Sep-2014 18:55
Send private message

IMO that is quite a sane process. Better than most ISP's which will just give you a new one on the phone with providing information that anyone could probably obtain without much effort.

Not ASB's fault that you choose to live so far from them.




Richard rich.ms



14693 posts

Uber Geek

Trusted
Lifetime subscriber

  #1134797 23-Sep-2014 18:57
Send private message

What's wrong with something like a random number generator fob, or a method using text to a registered phone etc?!

Someone must have a better way.

Essentially, this is such a PITA for me that they are now about to loose my business.





 
 
 
 


3017 posts

Uber Geek


  #1134801 23-Sep-2014 18:59
Send private message

To be honest I'd rather them do this than have someone get at the (little) money I have in there. Avoids social engineering issues popping up I suppose




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


23454 posts

Uber Geek

Trusted
Subscriber

  #1134802 23-Sep-2014 19:01
Send private message

You can get a token for netcode, and it can be made to need it to log in so then you can have your internet banking password set as something stupidly simple. But forgetting your verbal password is something that IMO should always need an in person visit with ID to resolve. Yes its a pain but it is their money at risk.

If you find a bank that is prepared to let you change a password over the phone with little information, please let me know which one so I can avoid them.




Richard rich.ms

16469 posts

Uber Geek


  #1134842 23-Sep-2014 19:12
Send private message

Having to go to the branch is madness. Their are online banks, and banks like the TSB who don't have local branches, and they can handle it fine. More banks should use a system like rabobanks which has a key. So you only need to remember a 4 digit code.

 

 

 

I actually find apps on phones far worse, because you often need a totally different password and you don't have tools like last pass to remember it. The ANZ one is ok, but other banks aren't.

3255 posts

Uber Geek


  #1134873 23-Sep-2014 19:34
Send private message

i use Co-op bank and their Safekey token , ill let them explain it

The SafeKey token is used to verify your identity a second way when you login to Internet Banking (this is called two-factor authentication). Once you’ve entered your customer number and password, you then need to enter the code displayed on the SafeKey token screen. The code changes every 60 seconds and synchronises with our system, so that we know the code is yours. If the code, your customer number and password are all correct, you’re then logged in to Internet Banking. Each code can only be used once, reducing the risk of identity theft and other online fraud.

it would be really hard to get into my account without it . Makes it easier to change your password because after you change it you still need the token.





Common sense is not as common as you think.


6006 posts

Uber Geek

Trusted
DR
Lifetime subscriber

  #1134891 23-Sep-2014 19:50
Send private message

vexxxboy: i use Co-op bank and their Safekey token , ill let them explain it

The SafeKey token is used to verify your identity a second way when you login to Internet Banking (this is called two-factor authentication). Once you’ve entered your customer number and password, you then need to enter the code displayed on the SafeKey token screen. The code changes every 60 seconds and synchronises with our system, so that we know the code is yours. If the code, your customer number and password are all correct, you’re then logged in to Internet Banking. Each code can only be used once, reducing the risk of identity theft and other online fraud.

it would be really hard to get into my account without it . Makes it easier to change your password because after you change it you still need the token.


ASB offer two-factor authentication.




Sideface


 
 
 
 


3017 posts

Uber Geek


  #1134893 23-Sep-2014 19:51
Send private message

Sideface:
vexxxboy: i use Co-op bank and their Safekey token , ill let them explain it

The SafeKey token is used to verify your identity a second way when you login to Internet Banking (this is called two-factor authentication). Once you’ve entered your customer number and password, you then need to enter the code displayed on the SafeKey token screen. The code changes every 60 seconds and synchronises with our system, so that we know the code is yours. If the code, your customer number and password are all correct, you’re then logged in to Internet Banking. Each code can only be used once, reducing the risk of identity theft and other online fraud.

it would be really hard to get into my account without it . Makes it easier to change your password because after you change it you still need the token.


ASB offer two-factor authentication.


Probably part of the reason i haven't changed my password for *cough* 9 years *cough*. Never had online banking access. But my cards have been skimmed 3 times in the last year. So 2 factor is definitely recommended lol




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


2572 posts

Uber Geek


  #1134894 23-Sep-2014 19:57
Send private message

Your issue seems to be you are forgetting all your authentication details (online & phone). And if you don't know your phone password, they should be able to go through the alternate security questions (I've done this before numerous times with ASB phone service). Would you be happy if anyone who knows your date of birth can ring up and get your password changed? Given the importance of security around banking services, what do you propose as a secure but 'more sane' method?







14693 posts

Uber Geek

Trusted
Lifetime subscriber

  #1135026 23-Sep-2014 22:00
Send private message

Inphinity: Your issue seems to be you are forgetting all your authentication details (online & phone). And if you don't know your phone password, they should be able to go through the alternate security questions (I've done this before numerous times with ASB phone service). Would you be happy if anyone who knows your date of birth can ring up and get your password changed? Given the importance of security around banking services, what do you propose as a secure but 'more sane' method?






Well, the other day I needed to speak with ANZ about the mortgage.

They asked for my internet banking password and I said I had no internet banking. Our only account with them is the mortgage.

They asked me some questions (the usual security type of thing) and then sent a one time code to my phone (the number was on file) which I had to read back - job done.





2078 posts

Uber Geek

Subscriber

  #1135294 24-Sep-2014 09:02
Send private message

Why don't you store the "phone" password somewhere so you can give it to them when you need to have your internet banking password reset?



14693 posts

Uber Geek

Trusted
Lifetime subscriber

  #1136419 24-Sep-2014 12:29
Send private message

graemeh: Why don't you store the "phone" password somewhere so you can give it to them when you need to have your internet banking password reset?


I will have to. However, it kind of defeats the object of security to write things down somehow!!





2078 posts

Uber Geek

Subscriber

  #1136426 24-Sep-2014 12:35
Send private message

Geektastic:
graemeh: Why don't you store the "phone" password somewhere so you can give it to them when you need to have your internet banking password reset?


I will have to. However, it kind of defeats the object of security to write things down somehow!!


Can't you store it in your 1keystore app?  I use an app called "keeper" that allows me to record other notes along with passwords and keeps them all encrypted and supposedly safe.

821 posts

Ultimate Geek


  #1136603 24-Sep-2014 14:59
Send private message

Geektastic:
Inphinity: Your issue seems to be you are forgetting all your authentication details (online & phone). And if you don't know your phone password, they should be able to go through the alternate security questions (I've done this before numerous times with ASB phone service). Would you be happy if anyone who knows your date of birth can ring up and get your password changed? Given the importance of security around banking services, what do you propose as a secure but 'more sane' method?






Well, the other day I needed to speak with ANZ about the mortgage.

They asked for my internet banking password and I said I had no internet banking. Our only account with them is the mortgage.

They asked me some questions (the usual security type of thing) and then sent a one time code to my phone (the number was on file) which I had to read back - job done.

Even if my bank asked me for my internet banking password over the phone I still wouldn't tell them.  First rule of passwords, never give them out over the phone.  To anyone.  Ever.




23454 posts

Uber Geek

Trusted
Subscriber

  #1136644 24-Sep-2014 15:33
Send private message

with ASB Its not the internet banking password they ask you for, its the verbal password that they used to a long time ago suggest making it your mothers maiden name but have thankfully stopped suggesting that as a password. They usually ask you for a couple of letters from that password to action minor things over the phone like ordering a replacement visa etc.

If ANZ are asking for that password over the phone then IME they are being negligent and should not ever do it, infact I would assume that they tell you in the T&C not to do it like every other bank, so IMO stupid.




Richard rich.ms

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic




News »

Freeview On Demand app launches on Sony Android TVs
Posted 6-Aug-2020 13:35


UFB hits more than one million connections
Posted 6-Aug-2020 09:42


D-Link A/NZ extends COVR Wi-Fi EasyMesh System series with new three-pack
Posted 4-Aug-2020 15:01


New Zealand software Rfider tracks coffee from Colombia all the way to New Zealand businesses
Posted 3-Aug-2020 10:35


Logitech G launches Pro X Wireless gaming headset
Posted 3-Aug-2020 10:21


Sony Alpha 7S III provides supreme imaging performance
Posted 3-Aug-2020 10:11


Sony introduces first CFexpress Type A memory card
Posted 3-Aug-2020 10:05


Marsello acquires Goody consolidating online and in-store marketing position
Posted 30-Jul-2020 16:26


Fonterra first major customer for Microsoft's New Zealand datacentre
Posted 30-Jul-2020 08:07


Everything we learnt at the IBM Cloud Forum 2020
Posted 29-Jul-2020 14:45


Dropbox launches native HelloSign workflow and data residency in Australia
Posted 29-Jul-2020 12:48


Spark launches 5G in Palmerston North
Posted 29-Jul-2020 09:50


Lenovo brings speed and smarter features to new 5G mobile gaming phone
Posted 28-Jul-2020 22:00


Withings raises $60 million to enable bridge between patients and healthcare
Posted 28-Jul-2020 21:51


QNAP integrates Catalyst Cloud Object Storage into Hybrid Backup solution
Posted 28-Jul-2020 21:40



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.