Lloyds TSB Pushing New Online Security Protocol

Posted by Zonk on Friday October 14, 2005 @03:37AM from the another-toy-for-the-keychain dept.

An anonymous reader writes "Looks like the two-factor bandwagon is beginning to roll in UK banking. The BBC is reporting that Lloyds TSB is issuing hard-tokens to 30,000 customers in an attempt to curtail phishing." From the article: "Until now, Lloyds TSB has used a two-stage system for identifying its customers. First, users must enter a username and password. Then, on a second screen, they are asked to use drop-down menus to choose three letters from a self-chosen memorable piece of information. The aim of using menus rather than the keyboard has been to defeat so-called 'keyloggers', tiny bits of software which can be used by hackers who have breached a PC's security to read every key pressed and thus sniff out passwords. But newer keyloggers now also take screenshots, which can reveal the entire memorable word after the bank's website has been used just a few times."

1 of 228 comments (clear)

Min score:

Reason:

Sort:

This Could Be Problematic by repruhsent · 2005-10-14 03:40 · Score: -1, Offtopic

This could be a difficult thing for Linux users, as all protocols must have a kernel module in the current kernel (including things like BitTorrent and OSCAR, the protocol for AIM). If this goes through and no module is written, Linux will surely be crippled.