Wednesday, June 06, 2007

FFIEC Guidelines and Passwords

The Federal Financial Institutions Examination Council (FFIEC) issued a guideline in 2005 recommending that banks offer two-factor authentication for all their online customers. They said user IDs and passwords, by themselves, were insufficient and could be easily cracked.

According to CSO, many banks still aren't compliant. In their Alarmed column, Sarah Scalet called three banks to inquire about their authentication policies and practices and got some interesting responses.

They also reported more bad news about passwords.


Post a Comment

Links to this post:

Create a Link

<< Home