Bank Botches Two-Factor Authentication
From their press release:
The computer was protected by two layers of security, a unique user-identifier and a multiple-character, alpha-numeric password.
Um, hello? Having a username and a password—even if they’re both secret—does not count as two factors, two layers, or two of anything. You need to have two different authentication systems: a password and a biometric, a password and a token.
I wouldn’t trust the New Horizons Community Credit Union with my money.
Anton • April 13, 2007 8:05 AM
Bruce, you have to stop posting comments that make readers burst in spontaneous laughter in otherwise silent offices.
But seriously though, that comment has to be just an attempt to spin it look like they had due security measures in place.