Should Online Banking Use Flash for Verification?

larrystotler asks: "One of my banks has instituted a new 'Secure Sign-in' setup. They allow you to register your computer with them so that you don't have to go through the new extra security steps. This involves the use of cookies -and- Flash Objects: 'Adobe Flash objects store data in much the same way that cookies do on your computer. If you have Flash installed, we can recognize your computer in the event that you erase all your cookies.' This requirement of Flash will probably negate my ability to access my bank account when running Linux on my PowerMac since Flash Player is not available for it(haven't tested it yet). However, the real question is: Is Flash a good, secure option that a bank should use to help identify you?"

Absolutely not

[tarlos25]

More often than not, Flash is a horrible bandwidth hog and slows page loading drastically. And if someone is on a dial-up connection (which still exists in many places due to no high-speed being available, and satellite being far too expensive), any slower page loading means less likelihood of a resource being used. Plus, not everyone will have a Flash player available, especially if you're using the latest version. So do you want to alienate your customers?

Re:No.

[tqk]

No.

Next question?

*That* gets modded "insightful"?!? Well, heck, have some more: did you know the sun goes down every evening and comes up every morning, and it's been doing it for billions of years now, all over the Earth, and the same thing's been happening on (most?) other planets as well, and for just as long! :-O

I expect much better from /., but perhaps I'm an old school fart.