I’m lucky my banking app works (GrapheneOS), as it’s now requiring 2FA with the app anytime I login on the browser. Can’t use an actually secure form like TOTP. At least they now allow passwords over 8 characters (yes, serious).

(Meme in comments)

  • Margot Robbie@lemmy.world
    shield
    M
    link
    fedilink
    English
    arrow-up
    1
    ·
    8 months ago

    This post is against Rule 6, but I’ll leave it up this time since there are a decent amount of discussion here now.

    lseif@sopuli.xyz, please remove the image when you can. You can post it in the comments.

  • Atemu@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 months ago

    At least they now allow passwords over 8 characters (yes, serious).

    Are you 100% certain they don’t just truncate your password to 8 characters?

    • RebootRebootReboot@programming.dev
      link
      fedilink
      English
      arrow-up
      1
      ·
      9 months ago

      I’ve seen a website that silently truncated my password during a password reset, but then wouldn’t truncate it during login. It took me a while to figure out why my password never worked.

  • viking@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    Magisk plus DenyList luckily works for my banks. Couldn’t imagine not having a rooted phone.

      • fishos@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        9 months ago

        Because they think it matters. Same as people posting on Facebook some legalese saying “Facebook doesn’t have the rights to my stuff.”. They think that by slapping a copyright “claim” on their stuff that they supercede the agreements of the platform and somehow protect their comments from being scrapped by bots/advertisers, etc. All it really does is add a little “this guy is probably a sovereign citizen type” sign to every post they make.