Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


11835 posts

Uber Geek
+1 received by user: 3836

Trusted
Lifetime subscriber

Topic # 152324 23-Sep-2014 18:51
Send private message

I have a problem with ASB.

Their password system is a bit old fashioned. About once a year something happens and I end up having to change my password. I store them in 1Password because it simply isn't possible to remember a password like xCddG5eEx72StJJ9t or something. Actually it would't be that long as they have to be 8 letters. It would be that random.

The problem is that if you forget it, you have to ring them. Then you have to remember ANOTHER password or they won't talk to you. They make you go to a branch.

This is fine if you live in a city. However to go to a branch it is around a 65km round trip for me!
 
Last week they rang me and said they had cancelled my access because of a fraudulent access attempt (may actually have been me, with a VPN active and pretending to be in the UK but not sure!) so I had to do the whole reset thing.

Now 1Password seems to have remembered the wrong password and I cannot get in again, so now I have to make a 65km journey and I am none too happy.

What other banks offer a more sane approach to this?!





View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
21397 posts

Uber Geek
+1 received by user: 4339

Trusted
Subscriber

  Reply # 1134795 23-Sep-2014 18:55
3 people support this post
Send private message

IMO that is quite a sane process. Better than most ISP's which will just give you a new one on the phone with providing information that anyone could probably obtain without much effort.

Not ASB's fault that you choose to live so far from them.




Richard rich.ms



11835 posts

Uber Geek
+1 received by user: 3836

Trusted
Lifetime subscriber

  Reply # 1134797 23-Sep-2014 18:57
Send private message

What's wrong with something like a random number generator fob, or a method using text to a registered phone etc?!

Someone must have a better way.

Essentially, this is such a PITA for me that they are now about to loose my business.





2885 posts

Uber Geek
+1 received by user: 378


  Reply # 1134801 23-Sep-2014 18:59
One person supports this post
Send private message

To be honest I'd rather them do this than have someone get at the (little) money I have in there. Avoids social engineering issues popping up I suppose




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


21397 posts

Uber Geek
+1 received by user: 4339

Trusted
Subscriber

  Reply # 1134802 23-Sep-2014 19:01
One person supports this post
Send private message

You can get a token for netcode, and it can be made to need it to log in so then you can have your internet banking password set as something stupidly simple. But forgetting your verbal password is something that IMO should always need an in person visit with ID to resolve. Yes its a pain but it is their money at risk.

If you find a bank that is prepared to let you change a password over the phone with little information, please let me know which one so I can avoid them.




Richard rich.ms

14292 posts

Uber Geek
+1 received by user: 1849


  Reply # 1134842 23-Sep-2014 19:12
Send private message

Having to go to the branch is madness. Their are online banks, and banks like the TSB who don't have local branches, and they can handle it fine. More banks should use a system like rabobanks which has a key. So you only need to remember a 4 digit code.

 

 

 

I actually find apps on phones far worse, because you often need a totally different password and you don't have tools like last pass to remember it. The ANZ one is ok, but other banks aren't.

2669 posts

Uber Geek
+1 received by user: 664


  Reply # 1134873 23-Sep-2014 19:34
Send private message

i use Co-op bank and their Safekey token , ill let them explain it

The SafeKey token is used to verify your identity a second way when you login to Internet Banking (this is called two-factor authentication). Once you’ve entered your customer number and password, you then need to enter the code displayed on the SafeKey token screen. The code changes every 60 seconds and synchronises with our system, so that we know the code is yours. If the code, your customer number and password are all correct, you’re then logged in to Internet Banking. Each code can only be used once, reducing the risk of identity theft and other online fraud.

it would be really hard to get into my account without it . Makes it easier to change your password because after you change it you still need the token.





Common sense is not as common as you think.


4214 posts

Uber Geek
+1 received by user: 2450

Lifetime subscriber

  Reply # 1134891 23-Sep-2014 19:50
One person supports this post
Send private message

vexxxboy: i use Co-op bank and their Safekey token , ill let them explain it

The SafeKey token is used to verify your identity a second way when you login to Internet Banking (this is called two-factor authentication). Once you’ve entered your customer number and password, you then need to enter the code displayed on the SafeKey token screen. The code changes every 60 seconds and synchronises with our system, so that we know the code is yours. If the code, your customer number and password are all correct, you’re then logged in to Internet Banking. Each code can only be used once, reducing the risk of identity theft and other online fraud.

it would be really hard to get into my account without it . Makes it easier to change your password because after you change it you still need the token.


ASB offer two-factor authentication.




Sideface


2885 posts

Uber Geek
+1 received by user: 378


  Reply # 1134893 23-Sep-2014 19:51
Send private message

Sideface:
vexxxboy: i use Co-op bank and their Safekey token , ill let them explain it

The SafeKey token is used to verify your identity a second way when you login to Internet Banking (this is called two-factor authentication). Once you’ve entered your customer number and password, you then need to enter the code displayed on the SafeKey token screen. The code changes every 60 seconds and synchronises with our system, so that we know the code is yours. If the code, your customer number and password are all correct, you’re then logged in to Internet Banking. Each code can only be used once, reducing the risk of identity theft and other online fraud.

it would be really hard to get into my account without it . Makes it easier to change your password because after you change it you still need the token.


ASB offer two-factor authentication.


Probably part of the reason i haven't changed my password for *cough* 9 years *cough*. Never had online banking access. But my cards have been skimmed 3 times in the last year. So 2 factor is definitely recommended lol




Bachelor of Computing Systems (2015)

 

--

 

Late 2013 MacBook Pro with Retina Display (4GB/2.4GHz i5/128GB SSD) - HP DV6 (8GB/2.8GHz i7/120GB SSD + 750GB HDD)
iPhone 6S + (64GB/Gold/Vodafone NZ) - Xperia Z C6603 (16GB/White/Spark NZ)

Sam, Auckland 


2520 posts

Uber Geek
+1 received by user: 937

Subscriber

  Reply # 1134894 23-Sep-2014 19:57
One person supports this post
Send private message

Your issue seems to be you are forgetting all your authentication details (online & phone). And if you don't know your phone password, they should be able to go through the alternate security questions (I've done this before numerous times with ASB phone service). Would you be happy if anyone who knows your date of birth can ring up and get your password changed? Given the importance of security around banking services, what do you propose as a secure but 'more sane' method?








Windows 7 x64 // i5-3570K // 16GB DDR3-1600 // GTX660Ti 2GB // Samsung 830 120GB SSD // OCZ Agility4 120GB SSD // Samsung U28D590D @ 3840x2160 & Asus PB278Q @ 2560x1440
Samsung Galaxy S5 SM-G900I w/Spark



11835 posts

Uber Geek
+1 received by user: 3836

Trusted
Lifetime subscriber

  Reply # 1135026 23-Sep-2014 22:00
Send private message

Inphinity: Your issue seems to be you are forgetting all your authentication details (online & phone). And if you don't know your phone password, they should be able to go through the alternate security questions (I've done this before numerous times with ASB phone service). Would you be happy if anyone who knows your date of birth can ring up and get your password changed? Given the importance of security around banking services, what do you propose as a secure but 'more sane' method?






Well, the other day I needed to speak with ANZ about the mortgage.

They asked for my internet banking password and I said I had no internet banking. Our only account with them is the mortgage.

They asked me some questions (the usual security type of thing) and then sent a one time code to my phone (the number was on file) which I had to read back - job done.





2078 posts

Uber Geek
+1 received by user: 230

Subscriber

  Reply # 1135294 24-Sep-2014 09:02
One person supports this post
Send private message

Why don't you store the "phone" password somewhere so you can give it to them when you need to have your internet banking password reset?



11835 posts

Uber Geek
+1 received by user: 3836

Trusted
Lifetime subscriber

  Reply # 1136419 24-Sep-2014 12:29
Send private message

graemeh: Why don't you store the "phone" password somewhere so you can give it to them when you need to have your internet banking password reset?


I will have to. However, it kind of defeats the object of security to write things down somehow!!





2078 posts

Uber Geek
+1 received by user: 230

Subscriber

  Reply # 1136426 24-Sep-2014 12:35
Send private message

Geektastic:
graemeh: Why don't you store the "phone" password somewhere so you can give it to them when you need to have your internet banking password reset?


I will have to. However, it kind of defeats the object of security to write things down somehow!!


Can't you store it in your 1keystore app?  I use an app called "keeper" that allows me to record other notes along with passwords and keeps them all encrypted and supposedly safe.

518 posts

Ultimate Geek
+1 received by user: 117


  Reply # 1136603 24-Sep-2014 14:59
One person supports this post
Send private message

Geektastic:
Inphinity: Your issue seems to be you are forgetting all your authentication details (online & phone). And if you don't know your phone password, they should be able to go through the alternate security questions (I've done this before numerous times with ASB phone service). Would you be happy if anyone who knows your date of birth can ring up and get your password changed? Given the importance of security around banking services, what do you propose as a secure but 'more sane' method?






Well, the other day I needed to speak with ANZ about the mortgage.

They asked for my internet banking password and I said I had no internet banking. Our only account with them is the mortgage.

They asked me some questions (the usual security type of thing) and then sent a one time code to my phone (the number was on file) which I had to read back - job done.

Even if my bank asked me for my internet banking password over the phone I still wouldn't tell them.  First rule of passwords, never give them out over the phone.  To anyone.  Ever.




21397 posts

Uber Geek
+1 received by user: 4339

Trusted
Subscriber

  Reply # 1136644 24-Sep-2014 15:33
Send private message

with ASB Its not the internet banking password they ask you for, its the verbal password that they used to a long time ago suggest making it your mothers maiden name but have thankfully stopped suggesting that as a password. They usually ask you for a couple of letters from that password to action minor things over the phone like ordering a replacement visa etc.

If ANZ are asking for that password over the phone then IME they are being negligent and should not ever do it, infact I would assume that they tell you in the T&C not to do it like every other bank, so IMO stupid.




Richard rich.ms

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.