• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Cookie Policy (US)
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Large Banks in the US have weak password policies

Updated on Mar 8, 2016 by Guest Authors

In a rather ironic turn of events, over 350 million individuals who have accounts with the large banking companies in the United States are using passwords that are weaker than the ones they use for their social media accounts.

Researchers at the University of New Haven Cyber Forensic Research and Education Group examined the strength of passwords used by customers of major U.S. banks such as Wells Fargo, Capital One, Citibank, Chase Bank, Webster First Federal Credit Union and BB&T. The study found that those passwords were substantially weak, which could affect potentially hundreds of millions of bank clients.

Chase_Bank

It is hard to believe that people are more concerned about bolstering their social networking accounts than beefing up their banking credentials, thanks to the poor password policies among these banks.

One of the weaknesses discovered in those banks’ password policies is that the website login pages do not require a distinction between upper and lower-case letters. Normally, users are asked to employ upper and lower-case letters to beef up the security of their accounts. In addition, symbols and numbers are also required for better security.

By missing support for case-sensitive passwords, those banks are making their customers’ cyber account less secure than, for example, Facebook and Twitter. The banks in question are also significantly making it easier for attackers to perform brute force attack on the accounts of customers, a technique that guesses the account password through repeated and persistent attempts within a short period.

As among the largest banks in the United States, it would be safe to expect the highest security standards from those companies when it comes to password policies, especially for customers whose security and safety online rely on how those banks handle their login credentials. But the researchers’ recent findings shed light on the lack of seriousness on the part of the banks to secure the cyber accounts of their customers.

In comparison, the time it takes to brute force a password that is not case sensitive is shorter than the time it takes to guess a case sensitive password, thus reducing the odds for attackers to carry out their malicious activity.

In terms of response and customer service, those banks were sadly sluggish in responding to the concerns of customers with regards to the security of their account. In fact, according to the researcher, there is hardly a way to contact those banks as their websites do not contain email addresses or contact number for customer feedback.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Footer

VTOMAN FlashSpeed 1500 Portable Power Station Review

OpenRock S Review – Revolutionizing the World of Earbuds

KEF LS50 Bookshelf Speakers Review: A Sound Decision Over the LS50 Meta

ALLPOWERS SP033 200W Portable Solar Panel Review – Eco-Friendly Energy on the Go

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • VTOMAN FlashSpeed 1500 Portable Power Station Review
  • OpenRock S Review – Revolutionizing the World of Earbuds
  • AiDot OREiN & Linkind Matter Smart Light Bulb Review
  • OKP L1 Robot Vacuum Cleaner Review – Affordable Robot with LiDAR Navigation

Copyright © 2023 · All Rights Reserved

Manage Cookie Consent
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional cookies Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}