The recent Heartbleed OpenSSL vulnerability prompted another healthy round of resetting my passwords all over the web.
This time around, I have noticed more sites are permitting longer passwords, which is great. There is one category, however, that still lags behind; and that’s banking.
Several of my financial institutions permit a maximum of only 12 to 15 characters. I continue to ask them to accept longer and more complex passwords, to no avail.
Perhaps it’s time for me to choose financial institutions that have a greater emphasis on security than low interest rates or cash-back rewards.
I have started to create a spreadsheet that compares the minimum and maximum password requirements for some of the larger banking institutions in the US. It’s a public Google Docs Spreadsheet. I invite anyone you to help contribute or edit:
It is frustrating that the password that I use to protect my Netflix account is many times more secure than the passwords I’m permitted to use to protect my financial assets. I can use a 32-character password to protect content that isn’t even mine, but can’t do the same for my own money.
Please help me find a bank that cares about security. Any contributions to the Comparing Bank Password Requirements would be appreciated.