Is It Safe to Use a Password Manager to Store Your Online Banking Account Passwords?

Online Banking Passwords

There's a Twitter account especially dedicated to retweeting people who complain about bad password policies. It might not sound like the most interesting thing in the world, but the password rules some websites set are so absurd, that they're downright hilarious. Other password policies are quite terrifying, though.

The @PWTooStrong is proof that many website owners and service providers have an extremely poor understanding of what password security is and how it should be implemented. This is particularly obvious when representatives of the companies' social media teams chime in on the discussion and explain how it was all done for the sake of the users' safety.

In fairness, you can't expect them all to be up-to-speed with the best security practices, but you do presume that some are better than others. You also presume that banks and financial institutions, the organizations that are supposed to keep our money safe, have implemented the necessary precautions to ensure that your savings are as well protected as possible. The @PWTooStrong feed shows that this is not really the case.

Banks are struggling when it comes to storing passwords and setting up secure authentication systems

Going through the retweets, you'll see financial organizations from all around the world implementing all sorts of mind-boggling password practices. The banking passwords are not case sensitive. You'll see that quite a few impose rather low limits on the number of characters a password can have, and many don't allow pasting of passwords which means that you're urged to remember your password. Some positively strange limits on the use of special characters are also visible, and certain practices suggest that users' passwords are sometimes stored in plaintext which is unacceptable.

The worst bit is, you rarely know how bad it is

It is a strange world we live in. Banks are supposed to be taking care of our money, and yet, they don't seem to be terribly transparent about the way they protect it. If you try to ask them how they store your password, they likely won't give you an answer "because of security reasons," and when you see that they're not doing it correctly and call them out, they usually use the same "there's nothing to worry about because we take security very seriously" canned response.

Banks are indeed tight-lipped when it comes to online security, and unfortunately, this is unlikely to change any time soon. All you can do is make sure that your own password practices are up to par.

Using Cyclonis Password Manager to create and store strong online banking passwords

Your hard-earned money is on the line, so the strength of your password is essential. You can try and create a strong password on your own, but you're more likely to end up using something that's relatively easy to remember or type. The best way to do it is to use a dedicated application like Cyclonis Password Manager.

With the built-in password generator, you will be able to set a completely random and unique password for your online banking account. It can then be stored in your encrypted vault which means that you needn't worry about remembering it. And, provided your bank doesn't have the ridiculous "no pasting" rule on its website, you needn't worry about typing it, either.

The cybersecurity problem comes from the fact that many people associate extra security with additional inconvenience, and they are not prepared to put up with this inconvenience, even when something as important as their money is at stake. With Cyclonis Password Manager, we tried to prove that security and a smooth user experience can live together.

June 25, 2018

One Comment

Leave a Reply