Weekly Update 397

28 April 2024

Banks. They screw us on interest rates, they screw us on fees and they screw us on passwords.

Weekly Update 397


Banks. They screw us on interest rates, they screw us on fees and they screw us on passwords. Remember the old “bank grade security” adage? I took this saying to task almost a decade ago now but it seems that at least as far as password advice goes, they really haven’t learned. This week, Commbank is telling people to use a password manager but just not for their bank password, and ANZ bank is forcing people to rotate their passwords once a year because, uh, hackers? Ah well, as I always end up lamenting, it’s a great time to be in this industry! 🤣

Listen on Apple Podcasts
Get it on Google Play
Download via RSS

References

  1. Sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
  2. T2 tea got themselves scaled by a data breach (don’t hate me, that’s not my analogy!)
  3. Piping Rock became the 4th victim of shopifyGUY (I wonder where he’s finding those API keys?)
  4. Lufthansa provided some advice on how not to get p(ra)wned (cool piece, but “Keepass is already installed on most devices” misses the mark by a long way)
  5. Bank security is important, so why is Commbank telling people to keep their most important passwords in the least secure place?! (it just defines logic)
  6. And while we’re talking banks, why is ANZ mandating password rotation in the absence of suspicion of compromise?! (it’s been many years since this thinking was flushed down the toilet)
Weekly update
Tweet
Post
Update
Email
RSS

Hi, I’m Troy Hunt, I write this blog, create courses for Pluralsight and am a Microsoft Regional Director and MVP who travels the world speaking at events and training technology professionals


About Author

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.