Because I run a small business I have multiple bank accounts with Barclays
, one of the "big four" banks here in the UK. As banks go they aren't too bad (although that is like saying that as diseases go Malaria isn't too bad, don't think I actually like these guys). So at the weekend a package arrived containing my new Pinsentry
card reader that I have to use to get into online banking. In the past I needed to know two user IDs, some personal information and a password to log into each of my accounts. Now, in addition to that I have to put my bank card into this card reader, enter the PIN for the card and then type another 8 digit number to log in. It's classic dual factor authentication, and it's absolutely crazy.
Frankly the old system was more than secure enough. All that the new system will achieve is to make me log in to the site less frequently as it is such a palaver. I genuinely can't think of a reason why they have gone this far with the security, if someone is foolish enough to give out their personal details, two secret (and hard to guess) user IDs and their password then frankly they deserve what they get.
Setting aside the absurdness of the over-security, when I tried to log in yesterday (taxes to pay, thanks Gordon) I couldn't actually get in at all any more. The reason which was discovered after nearly an hour on the phone was that my personal bank card has now been tied to my business account. So to log in to my business bank account I have to partially use business details and partially personal details. Their response when I asked how it was going to be fixed... "Well you have both sets of details so you can just live with it"! This from a company which last year made over seven billion punds profit. That's more than fourteen billion dollars. And the worst thing is that moving banks is not really an option, they are all as bad as each other.