• Blackmist@feddit.uk
    link
    fedilink
    English
    arrow-up
    33
    ·
    2 months ago

    I remember my bank used to ask me for the 2nd, 5th and 7th letters of my password from time to time.

    There’s only one realistic way they can know those to ask me.

    They haven’t asked me that for a while now, so I can only hope they encrypted them properly at some point.

    • silentdon@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      2 months ago

      I once called my bank because I had trouble logging in. They didn’t outright say it but they implied that they could see my password and asked if I wanted to update it by telling them the new one. I said no.

    • 3x7x37@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      5
      ·
      2 months ago

      I can only hope they encrypted them properly at some point

      Encryption is reversible, hashing isn’t. That’s why you use the latter for passwords.