PDA

View Full Version : saving a day or more of grief



armandh
September 13th, 2009, 02:06 PM
In your banking relations do NOT use chalenge questions where the answers are in the public records anywhere!!!!

If you do your account can be cracked with a little research.

if you did, change them now.

I was lucky that the bank caught the fraud and clawed the cash back, however it is still a PITA getting new accounts.

Странник
September 13th, 2009, 02:08 PM
Good thng that no damage was done

Bachstelze
September 13th, 2009, 02:11 PM
Banks use challenge questions in the US? O.o

armandh
September 13th, 2009, 02:19 PM
Banks use challenge questions in the US? O.o

yep; if you [or someone] calls in and tell them you lost your pass word and can answer the questions you set up under the old pass word they will reset it for "you", unless the account is noted not to, then you must show up with photo id etc. to change the lost pass word.
if you select easily researched questions from the drop down you can be hacked by someone researching all the discoverable answers

Vostrocity
September 13th, 2009, 02:32 PM
Still it's harder than cracking an online account since you have to speak to a live person, and you only get one try basically.

Namtabmai
September 13th, 2009, 02:43 PM
I dunno, my bank uses challenge questions along with a password.

Not only would the cracker need to do research about me to find what my answers are, but they'd also need to make exactly the same spelling mistakes I do to get them right. :/

pwnst*r
September 13th, 2009, 02:59 PM
my bank uses challenge questions, password, and image verification online.

also, if you call to get your password reset, you better know your pin, account number, social security number, AND a challenge question's answer.

not sure what bank you're dealing with, but it sucks.

Bachstelze
September 13th, 2009, 03:03 PM
not sure what bank you're dealing with, but it sucks.

Yeah, over here you can get nothing on the phone, you have to go there and show your ID.