Hacker News new | past | comments | ask | show | jobs | submit login

You’re right, you’ll probably get your money back if your password gets stolen.

Eventually. Might be real disruptive if you’re in the middle of buying a house.

I’d probably choose my bank to minimize my chances of dealing with a giant bureaucracy for however long (and the non–zero possibility that I actually won’t get my money back). But if that’s not “damage” to you, feel free to keep doing business with them!




>Might be real disruptive if you’re in the middle of buying a house.

Agree, I consider this a damage but if the bank can avoid causing me any disturbance despite of using clear text password or <insert any other questionable security practice> then why should I be concerned ?


The same reason you might be concerned even if a doctor can deliver a baby safely despite not washing his hands in between a cadaver examination and touching your wife.

Do you feel lucky? Well, do ya?


Sure, If the doctor can deliver baby safely and not causing any other damage despite not washing hands then what's the issue?

That's why I asked what is the actual damage. Is the money is stolen ? Is the money can't be accessed ? If the bank doesn't do me any actual damage despite the clear text password then I don't see why I should be concerned.

I guess I can see that for some people, clear text password usage can cause them anxiety and lose some sleep.


Are you genuinely saying that when you see someone putting you at risk, that you do not see a problem with it until a problem actually occurs?

Imagine you worked in a building for a week and didn’t die in a fire. Would you have a problem with discovering that the writing was done by a amateur, there were piles of lint and fabric everywhere, and there was only one revolving-door exit?

If yes, then you understand the problem of risk and its just a question of magnitude.

If not, then you should be aware that you see the world dramatically differently than most people.


The risk are highly exaggerated, the damage may never occurs in the first place.

It may seem unlikely that the bank can keep my money save by using plain text pwd but if they can somehow do that, why do I care.

Even in the unlikely event that the money is stolen but if the bank can handle that without causing me disruption then whats the issue.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: