Thursday, 28 August 2008

Lloyds Bank

I bank with Lloyds and on the whole I am satisfied with them but I am disturbed by this story. Now the customer might have had issues with Lloyds but they are of no concern here. What is of concern is the internal security of Lloyds. Firstly, according to El Reg , the password length has a limit of only six characters which is far far too short for modern systems; and secondly it implies that the staff employed at Lloyds can actually see your password. Not very reassuring and I wonder how an security auditor would view that practice.

No comments: