Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Study: Major Banks Not Supporting Strong Passwords

by Elizabeth Harper on March 07, 2016

Banks Not Supporting Strong Passwords

Sure, you could drive down to your local bank branch to deposit a check or make a money transfer, but why would you when online banking is as close as your smartphone? With just a few taps you can check your balance, transfer money, or photograph a check to deposit it. But just how secure is your online banking service?

While all the information sent between you and your bank is securely encrypted, not all banks are following the best security practices when it comes to how you log on—and some even neglect the basics. The first, and easiest, defense against getting your banking information stolen is to have a complex password (something that's more difficult to guess than "123456789"). Adding numbers and capital letters to your password makes it more complex and harder for others to guess or crack.

Yet a new study by the University of New Haven's Cyber Forensics Research and Education Group claims that some major banks don't allow strong passwords because their systems ignore uppercase letters. In researching 17 major banks in the US, the group found six—that's 35%—ignore case sensitivity in passwords. While passwords are only part of a secure system, you would expect your bank to use the highest security possible in order to protect your hard-earned cash.

The banks in question serve over 350 million customers; everyone who banks with BB&T Bank, Capitol One, Chase Bank, Citibank, Webster First Federal Credit Union and Wells Fargo is using a less secure password.

So what should you do to keep your banking information secure if your bank doesn't support strong passwords? Beyond creating the strongest password you can, using a combination of letters and numbers—and avoiding easy to guess combinations like words and birthdays—many banks allow you to turn on two-factor authentication.

Two-factor authentication requires you to use an additional code on top of your username and password. After you enter your login information, you'll be sent an additional code—usually in a text to your cell phone—which you can only use once. This means that even if someone manages to get your password, they'd also need to have access to your phone in order to access your account. A hacker who steals your password won’t also have access to your phone, while someone who steals your phone won’t know your password. (And you have your phone locked down with a password of its own, right?) Either way, your banking account is safe.

Of the banks listed above, Chase, Citibank, and Wells Fargo support two-factor authentication, and we'd strongly recommend turning it on.

Image Credit: sticky note showing password via Shutterstock


Computer Safety & Support, News, Computers and Software, Blog

Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.