How to go over the top with security

[RogerS]

Step forward, NatWest and take a bow...so I can kick your collective backsides.

Their website now insists that your password contains at least one upper case letter, one lower case letter, one number and one punctuation mark (and at least 8 or 9 characters long IIRC) Thus rendering it impossible to remember the bloody thing. To make matters worse, they ask for selected characters by position...ie 4th, 7th, 10th. This in itself is good practice but by forcing you to make up a totally unmemorable password you end up having to write down your password - which precisely is what you don't want to do.

Other folks seem perfectly happy with random numbers and letters only - case insensitive.

I use so many online accounts now that I use a generic password modified for each site...much easier to remember but sufficiently safe as to not be easily cracked. Impossible to work into the NatWest scheme and because I so rarely use the NatWest website, I'm forced to write down my password and store it safely. And where can I do that? Why, in my wallet...along with my credit cards..where else.

 

[cambournepete]

Requiring 3 of the 4 groups (upper, lower, number, punctuation) is quite normal - it's policy where I work.
4 is more secure, and not that hard to remember if you use an odd word as the basis of your password and substitute punctuation or a number for some of the letters.
For example R0gerS1nd:n, L1e-N|elsen

 

[dedee]

Over here Roger it's the opposite. Just a 6 digit number is all's that's required to access our bank account, plus the customer number (held in the PC).
It was the bank cards that left me incredulous. The banks issues the PIN number and you cannot change it! They gave me a 4 digit PIN with only 2 different numbers and told me if I wanted to change it they would have to issue a new card, at my cost. BNP by the way, they behave like banks used to do in the UK 30 years ago.

Andy

 

[seanybaby]

Thats odd because i just logged into my natwest account as usual and didn't have to give new passwords :wink:

 

[mr]

Natwest have just sent the good lady wife and I a wee calculator type handset each with which to generate key codes to access the website. Not sure why we couldn't share one or whether we have to use both of them together to get to the joint account now but there you go. Yet another thing requiring a battery to make it go. :roll:

Cheers Mike

 

[seanybaby]

I've had a calculator for over a month now and havn't used it once. Maybe because it's as student account and overdrawn :lol: You don't need security when you have no money :lol:

 

[White House Workshop]

My bank sent me a SecureID token to access my account. That makes 3 things to access it - the account name (which is not my name or the account name!), a password of letters and numbers 6-12 characters, plus a random number sent to the token that changes every minute. Nice and safe...

 

[RogerS]

Thats odd because i just logged into my natwest account as usual and didn't have to give new passwords :wink:

It's their YourPoints website - my fault - should have made it clearer

 

[Fecn]

Their website now insists that your password contains at least one upper case letter, one lower case letter, one number and one punctuation mark (and at least 8 or 9 characters long IIRC) Thus rendering it impossible to remember the bloody thing.

That's easy.. you need to stop thinking of words and start thinking of phrases in teenager SMS-Speak.

My Mate is Late = MyM8isL8.
UKWorkshop is Great. = UKWisGr8.
Why do I like to try? = YdoI~=2try (in my head, ~= means approximately equal to.. aka like)

These are all nice strong passwords and they're all easy to remember (at least to my addled mind they are).