Bank Pin code

Bank Pin code

in Suggestions

Posted by: Foxer.8439

Foxer.8439

I recently got hacked and my account items and money have been wiped out.
I would like to suggest a security feature which restricts a hacker from accessing bank items/money. This feature involves a pin code which is created by the user and this feature should be optional. If bank pin code is inserted wrong multiple times there should be some form of lockout message. Hope you take interest my suggestion.

Bank Pin code

in Suggestions

Posted by: rajule.8054

rajule.8054

if you got an authenticator for your account it would do the same thing and even more because they couldn’t log into your account at all..

Bank Pin code

in Suggestions

Posted by: Latinkuro.9420

Latinkuro.9420

OR you could use your brain and make a unique password for each account you have minimizing the risk of being hacked.

Bank Pin code

in Suggestions

Posted by: Foxer.8439

Foxer.8439

you got a point, but just saying, password was unique and i had email authenticator, what i think is the hacker logged to my email, but that is not the point, it is a feature that i’m suggesting which he/she can disable or use.

Bank Pin code

in Suggestions

Posted by: Satans Chosen.1024

Satans Chosen.1024

Other possible security mesures aside, an optional bank pin is a good idea, preferably alpha-numeric instead of just numeric.

Bank Pin code

in Suggestions

Posted by: Bahamadude.4925

Bahamadude.4925

I’d also like to suggest a sort of auto-lock where it’s impossible to get stuff out of your bank until the time you set is up. With the lock in place, you can put stuff in but not out. This is more for those times where you know you are going to be away from the game for a long time so you can set the lock to run for days weeks or even months. However i THINK hackers may not be so willing to jump on your account and take stuff if they see they have towait30+ minutes to steal. i could be wrong tho.

Wouldn’t a key logger or something be able to take your code? Yes this idea is good, but by itself, after a while it’ll be like it’s not there at all. A hacker will eventually find a way to get your password.

Bank Pin code

in Suggestions

Posted by: RaGe.9834

RaGe.9834

authenticator works better bank pin is annoying, they also have a rollback feature so you can and will get all ur stuff back, also not the right spot for this really u should take this issue up with support

What are you a jock?…. get out, This is nerd landia, where nerds gather!

(edited by RaGe.9834)

Bank Pin code

in Suggestions

Posted by: Snoring Sleepwalker.9073

Snoring Sleepwalker.9073

If ANET adds a bank pin, the people hijacking accounts will just grab the pin when they keylog/phish you. So it won’t make anything more secure, but will make it more annoying for people trying to access their own stuff.

This kind of security theater is pointless. Unlike an authenticator, which does make things more secure.

Bank Pin code

in Suggestions

Posted by: RaCast.6510

RaCast.6510

If ANET adds a bank pin, the people hijacking accounts will just grab the pin when they keylog/phish you. So it won’t make anything more secure, but will make it more annoying for people trying to access their own stuff.

This kind of security theater is pointless. Unlike an authenticator, which does make things more secure.

They actually do this in Runescape and it works awesome. It’s an onscreen prompt where you click the numbers and the prompt randomly regenerates/swaps the numbers positions on each button press. You also only input it the first time you access the bank each time you log on. It’s really no more of an inconvenience than the mobile authenticator.

Bank Pin code

in Suggestions

Posted by: Snoring Sleepwalker.9073

Snoring Sleepwalker.9073

If ANET adds a bank pin, the people hijacking accounts will just grab the pin when they keylog/phish you. So it won’t make anything more secure, but will make it more annoying for people trying to access their own stuff.

This kind of security theater is pointless. Unlike an authenticator, which does make things more secure.

They actually do this in Runescape and it works awesome. It’s an onscreen prompt where you click the numbers and the prompt randomly regenerates/swaps the numbers positions on each button press. You also only input it the first time you access the bank each time you log on. It’s really no more of an inconvenience than the mobile authenticator.

An onscreen prompt is far more annoying to use than typing on a keyboard. Especially when the layout keeps changing. But that’s not my problem with the pin. My problem is that a pin doesn’t make anything more secure because like the username and password, it is only another knowledge factor.

A keylogger can break it by screenshots as you select the numbers. Or throw in some very simple image recognition software to identify which of the keys you clicked on from the list of all the keys.

A phisher just needs to ask for the pin when they ask for the rest of your information.

In both cases, it’s only a minor change to how they grab the username and password.

An authenticator works because it isn’t a knowledge factor. It’s a possession factor. To break through an authenticators security the attacker needs to do one of the following:
– Steal your authenticator
– Predict the next code the authenticator spits out. Which means knowing the algorithm, and enough previous codes you have used to know the algorithms internal states.

This is on top of how they steal your username and password. So the authenticator adds security, because it adds another thing the attacker needs to do to break in.

Go read up on Two Factor authentication. That is what the authenticator offers.

Now read about Security theater. That is what the pin offers. The appearance of being more secure, without actually improving security.

Bank Pin code

in Suggestions

Posted by: robinsiebler.3801

robinsiebler.3801

I really like the way Aion handled this. No authenticator is needed. You have 1 password to log in and a separate PIN for each char. The PIN is entered via an on-screen keypad which is arranged differently every time it appears. You can’t use the keyboard, so it can’t be captured via a keylogger.

This message was brought to you by a Kitten with a Keyboard

Bank Pin code

in Suggestions

Posted by: Snoring Sleepwalker.9073

Snoring Sleepwalker.9073

I really like the way Aion handled this. No authenticator is needed. You have 1 password to log in and a separate PIN for each char. The PIN is entered via an on-screen keypad which is arranged differently every time it appears. You can’t use the keyboard, so it can’t be captured via a keylogger.

This message was brought to you by a Kitten with a Keyboard

Not a simple keylogger. But it can be caught by a keylogger that has enough image recognition capability to tell the difference between the keys on the virtual keyboard.