
Bank Had the Worst Password Policy We've Ever Seen - vezycash
https://www.vice.com/en_us/article/kz4jjv/this-bank-had-the-worst-password-policy-weve-ever-seen
======
rgovostes
I would not have published this article. Someone at the bank made an error,
and

> After we reached out to FinecoBank for comment, a spokesperson said that “we
> understand the criticism and we decided not to suggest anymore to our
> clients to do so.”

Ok. What's the story?

The article also complains that, "to make matters (MUCH) worse," the bank
charges to physically mail a new password. Well, sending a letter costs
something, and takes someone's time, and attaching a fee to it incentivizes
people to use the online password reset, which as the article states, is free.

One of the claims of the article subheading was always false, and the other is
no longer true.

> A European bank makes customers pay to change their passwords, and suggests
> they Google their password to check if it is secure.

~~~
iron0013
The policy was listed on their website and confirmed by a customer service
representative. Just because they saw the error of their ways after being
contacted by the press doesn't mean they didn't actually have the woeful
password policy in the first place. There's no evidence anywhere that "someone
at the bank made an error", in fact it says right there in the same quote that
you quoted that the bank "decided not to suggest anymore to our clients to do
so".

Your other claim is also false! Just because it costs something for the bank
to physically mail a new password doesn't mean that they weren't in fact
charging their users a fee to change their passwords--they were! Just because
you feel that the fee was justified doesn't mean that they weren't charging a
fee.

To conclude, everything described in the article was completely true, and
everything you claim is completely false.

------
BubRoss
FinecoBank, a bank with more than 1.3 million customers in Italy, makes
customers pay to change their passwords, and suggests they Google their
password to check if it is secure.

Saved you a click.

~~~
rgovostes
This is perpetuating false claims in the article, though. I would revise this
to:

> FinecoBank, a bank with more than 1.3 million customers in Italy, used to
> suggest that customers Google their passwords to check if they are secure,
> and charges a fee to change a password by snail mail instead of online.

~~~
BubRoss
Those words were copied directly from the article and pieced together.

