Comments on: British bank changes “pants” password

By: The credit crunch

The credit crunch — Tue, 07 Oct 2008 14:46:33 +0000

This is an amazing article. Ive posted an article about it on my blog linking back, great article and yes Lloyds is very pants.

By: Justin

Justin — Sat, 04 Oct 2008 17:35:28 +0000

I would just like to say, it doesn’t concern me that Bank Employees can see my password because as it stands they can see my entire banking history at the same time. That said, the situation does concern me but only for the fact that someone in the general public could find out my password.

By: John

John — Sat, 04 Oct 2008 11:28:17 +0000

And yet, when “Sisterhood of the Travelling Pants” came over here, no-one thought to change the name…

By: David Snow

David Snow — Fri, 03 Oct 2008 21:29:44 +0000

Most computer software NEVER stores your reall password. It runs the password thru a one-way lossey hash and stores that result. Each time you enter your password the software runs the password thru the same one-way lossey hash and compares this number with the one stores. You aren’t supposed to be able to reconstruct the password from the hash. If banks have such crappy software that they actually store “raw” readable passwords then we should all be scared about how safe our money really is. Especially if employees can read this data.

/DaveS

By: Rob

Rob — Thu, 04 Sep 2008 10:56:36 +0000

it is funny indeed, but it is worrying that employees can access that data freely and without worries of being asked “why are you looking at that?”. Also, I cannot understand why that data wasn’t encrypted.
Either way, it wasn’t clear which one of the two employees was dismissed: the one that accessed and changed the data or the one that didn’t accept the new ones.

By: Ellie

Ellie — Mon, 01 Sep 2008 04:10:46 +0000

LOL @ pants being bad LOL

By: Mark O'Neill

Mark O'Neill — Sun, 31 Aug 2008 22:01:19 +0000

Yup, in British English, pants are underwear. It is also slang for something that is bad, terrible, stupid, screwed up, etc.

By: Jimmy Rogers

Jimmy Rogers — Sun, 31 Aug 2008 21:40:28 +0000

The funniest part about this story, to me, is that “pants” is a derogatory term in some places :P

By: Phillip

Phillip — Sun, 31 Aug 2008 06:19:29 +0000

I was a bank employee for two years. We didn’t know the customer PIN numbers or passwords, but we could change them if necessary, or at will if we really felt like it. For obvious reasons we didn’t, but the passes are not completely yours.

By: Katy

Katy — Sat, 30 Aug 2008 13:38:00 +0000

I’m a Lloyds TSB Customer and I have two passwords with them, one for my Phone Banking (which I can never remember so have to go through the arduous process of trying to remember all my recent account activity) and my Internet Password. Lloyds staff don’t have access to my Internet password, they do however see my Phone Bank one.

By: mike

mike — Sat, 30 Aug 2008 13:07:44 +0000

he was probably calling in and the bank asked for his password. there’s no way a bank employee was going from account to account just looking at passwords.

unless lloyds really is pants.

By: Will Spaetzel

Will Spaetzel — Sat, 30 Aug 2008 12:39:12 +0000

I think the biggest problem here is that the bank is able to see the customer’s password at all.

Shouldn’t they be doing a 1-way encryption on all passwords? Storing passwords in plain text is a very bad idea.