USBank’s Password Policy

Recently, I went to change my USBank password.  I continue to be shocked every time it tells me it does not allow spaces:

cyp.png“Please create a new password that’s between 8 and 24 characters with no spaces. Your password should include both letters and numbers and may also include special characters (such as %, $, &).”

This is just silly—there’s no absolutely no reason they should prevent spaces.  For me, this shows a lack of care; a lack of finesse; a lack robustness at their gates of security.

This is about more than just spaces, too.  Their password change process is simply not modern.  It’s so 2000’s.  My gaming account on Steam has a more robust password change process.  I can list five things Steam does better than USBank regarding password security:

  1. They allow any characters in a password.
  2. They show a password-strength meter when typing a password.
  3. They authenticate the user via an email confirmation code before changing password.
  4. They send you an email notification when someone tries to sign in from a new device or computer.
  5. They allow multi-factor authentication.

I’ve been annoyed at USBank for this since I first got an account there, probably around 2005.  But, it’s 2017. C’mon.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s