Resetting your password should be easy and secure, but is it?

Back in 2001 I reviewed online banks and their issue with Phishing scams. 

I found that most banks back then didn't do anything in the realm of IT security to protect their users from scams. 

In fact, it seemed they made it easy for any scam on just about all levels. 

Today when one of our favorite banks returned to an old password reset that was used by scammers around the world I figured it was time to start posting why things should not be used. 

Have fun, comments are welcome if you have something interesting to say.

 

 

Regions Bank

Monday Mar 21 2016
Reviewing Regions Bank new but old password reset. No longer do they allow your questions to be answered. It's Card Number Username and Pin. All things that can be used directly to hijack your account by phishing scams. Over a decade of mistakes and still going strong!

 

When it comes to resetting your password you want to know that not just anyone can do this. You also want to know that someone can't do this without your knowledge.