Banks to Use 2-factor Authentication by End of 2006

Evil Grinn writes "As reported on Yahoo and elsewhere the Federal Financial Institutions Examination Council (FFIEC) has given a deadline of end-of-year 2006 for U.S. banks to implement two factor authentication."

My bank already does this

[thewils]

At least so they said in that email they sent me...

Re:Security or Laziness?

[erick99]

And then driving home in your horse and buggy?

Re:good idea, in my opinion.

[yotto]

Does this mean slashdotters can tell their bank to read TFA?

Sounds great but...

[StarWreck]

Sounds great, but what about forgetful people? So called "Strong Authentication" or 2-factor authentication sounds great in theory. Rather than just cracking your password, a woodbe theif would also have to steal a physical item from your posession. However most people are dumb and forgetful, they would put a piece of scotch tape on the physical item and write their password onto it so that when the woodbe theif pick pockets them, then they don't have to even bother trying to crack their password. Sounds great in theory but it dosen't work - like communism. In summary, it is the authentication for communists.

TFA Readers

[EEBaum]

So does this mean that all banks will be required to have machines that read TFA?

T-FA ... !

[icepick72]

The linked Wiki article actually states "A common example of T-FA is a bank card". Who knew TFA had another meaning ... I wonder if the banks realize -- so Don't get offending the next time you walk up to the bank teller wicket and are asked for TFA !!! They'll wonder why you are snickering. Woo-hoo

Re:One more damn thing to carry around

Man, I remember back in the day we had to physically visit the bank between 9am and 5pm on a Monday thru Friday and carry around a little green savings book if we wanted money from our accounts. Get this... When I got paid by my employer, I had to go to that same bank during those same hours and deposit the check in my account through my teller and I had to have that green book with me. At one point, that bank put an odd looking hole in the wall with a big heavy metal door. I think it was called a "night deposit box". Me and the other guys would never put our checks for deposit in that thing, how safe could that really be and no one around to give a receipt or fill in my little green book. Did I mention the trip to my bank was uphill both ways?

Physical access.

[ElDuderino44137]

Don't let anyone fool you.
If you gain physical access to a device ... you will get in.
These n-factor authentication schemes ... may delay you ... but I doubt it.

Step 1: Remove hard drive from device.
Step 2: Run away really fast.
Step 3: Rule the world.

Two Factor Withdrawls

[faqmaster]

The two factor system has always worked well for me. I have no problem making withdrawls using a gun AND a note.

Re:my bank already implemented a low tech version

What's really interesting is if you take the number distribution:

~$ perl samp.pl
252053113963855743064766244111
0: 2
1: 5
2: 3
3: 4
4: 4
5: 4
6: 4
7: 2
8: 1
9: 1

And then multiply each number with the number of times it appears:

~$ bc
bc 1.06
[...]
(1 * 5) + (2 * 3) + (3 * 4) + (4 * 4) + (5 * 4) + (6 * 4) + (7 * 2) + 8 + 9

114

And then add the first two numbers:

1 + 1

2

Then tack the last number back on:

24

Then reverse it:

42

Wonder if there's a service charge for using the ATM at the Restaurant at the End of the Universe.