Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lloyds TSB Pushing New Online Security Protocol

Posted by Zonk on from the another-toy-for-the-keychain dept.

An anonymous reader writes "Looks like the two-factor bandwagon is beginning to roll in UK banking. The BBC is reporting that Lloyds TSB is issuing hard-tokens to 30,000 customers in an attempt to curtail phishing." From the article: "Until now, Lloyds TSB has used a two-stage system for identifying its customers. First, users must enter a username and password. Then, on a second screen, they are asked to use drop-down menus to choose three letters from a self-chosen memorable piece of information. The aim of using menus rather than the keyboard has been to defeat so-called 'keyloggers', tiny bits of software which can be used by hackers who have breached a PC's security to read every key pressed and thus sniff out passwords. But newer keyloggers now also take screenshots, which can reveal the entire memorable word after the bank's website has been used just a few times."

8 of 228 comments (clear)

  1. Token aka Keychain by brokenarmsgordon · · Score: 5, Funny

    Makes sense to me. The key to defeating a keylogger is a keychain.

  2. I want mine implanted by Harmonious+Botch · · Score: 2, Funny

    There is too much junk on my key ring already. I want mine implanted in the palm of my hand - with, of course, an on/off switch. While I'm dreaming: it should also a dna sensor so that it regularly checks for my red blood cells with oxygen, thus ensuring that if my hand is cut off, the implant won't work for more than a few minutes.

    1. Re:I want mine implanted by Anonymous Coward · · Score: 2, Funny

      I want mine implanted in the palm of my hand - with, of course, an on/off switch.

      Bank guy: "Why is this guy's fob going on-off on-off so much?"

    2. Re:I want mine implanted by spitzak · · Score: 2, Funny

      It should also start blinking when you approach 30 years of age so the sandman know when it is time to kill you.

  3. A number of scams in Canada at ATM machines by jkind · · Score: 3, Funny

    With a camera being used to steal someones PIN #. I get the creeps every time I use one of those weird privately owned ATM machines in convenience stores in the middle of nowhere. Some of them even have spelling mistakes on their screens. What's next? "Thank you for withdrawing, your account is TEH PWNAGE"

    --
    ~jennifer.k~
  4. An easy fix by Alwin+Henseler · · Score: 2, Funny
    From the summary: "But newer keyloggers now also take screenshots"

    Well duhh... why not use the obvious solution to prevent reading password information from the screen, like it's been done for ages: use * in place of readable characters. I for one, welcome our new multiple-choice password selection!

    Please click your password:

    • xxxxxxxxxxxxxx
    • xxxxxxxxxxxxxxxxx
    • xxxxxxxxxxxxxxx
    • xxxxxxxxxxxxxxxx
    • xxxxxxxxxxxxxxxxx
    • xxxxxxxxxxxx
    • xxxxxxxxxxxxxxx

    (* replaced with x to please Slashdot junk filter)
    Eat that! Good look trying to discover the real password!

  5. Those tiny, pesky bits. by GillBates0 · · Score: 2, Funny
    ...has been to defeat so-called 'keyloggers', tiny bits of software which can be used by hackers...

    That's why I always use large, generously sized bits in all the code I write.

    In my experience, larger bits (mine are atleast 2-3 times the size of regular bits) are easier to see and less prone to problems like memory leaks and haxx00rrzing than their smaller counterparts.

    On the other hand, they're more likely to fill up buffers and cause overflows than smaller bits.

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  6. Re:Two-Factor... by smackjer · · Score: 2, Funny

    You have a problem with people hacking into your cell phone account and paying your bill for you?

    --

    This is my sig. There are many like it, but this one is mine.