So you think only your wife knows your bank password, right?
It is common nowadays that banks offer different value-added services to their customers. Doing banking operations by phone or through the Internet is an everyday practice that obviously requires some kind of authentication; this matter is commonly addressed by -at the minimum- using some kind of password.
So if you go through life certain that your bank passwords are safe, and nobody can access that delicate piece of information… think again. As Bruce Schneider reports in his blog, this funny story has a bit of a worrying level underneath.
Summarizing the story up, Steve Jetley -a Lloyd’s TSB bank customer- decided to set his bank password as “Lloyd’s is pants”, just to find later that his password had been changed to “no it’s not” by a bank employee without Mr. Jetley knowing about this. The story gets worse when -after realizing the change- he tried to change it back to his original password or another similar such as “Barclays is better” on the grounds that it was “too long” (Barclays is a competitor of Lloyd’s). Even the password “censorship” wasn’t allowed.
Mr. Jetley received a full apology from the bank and the employee (I don’t know if the one that changed the password in the first place or the one that refused to accept the new ones given) was dismissed.
I think that leaving aside the possible comical side of this story, what worrying about this case is that banks are keeping their passwords in flat, non-encrypted forms in their databases. Why would an employee be able to see any client’s password? Or even further, why would an employee need to see any client’s password? So here for me there are two important issues:
1) confidentiality: makes me wonder how many of these important passwords that I have (banking, payment platforms, etc.) are still unencrypted, and
2) accountability: why would an employee see a client’s password?
I guess that the reason is that people (i.e. IT Managers, System Administrators, or even employees) access data for a plain and simple reason: because they can. If proper audit trails systems would be put in place, if there would be any kind of system that could serve as a “surveillance camera” that can prove irrefutably all the access and modification to data, there would be an automatic deterrence for this kind of behavior. People would not be sniffing around information they shouldn’t be looking at if they knew that all their actions were being audited, that these audit trails could not be tampered with and consequently they can -and probably would- be held accountable for their actions.