We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Tesco Bank Account Security

2»

Comments

  • 18cc
    18cc Posts: 2,120 Forumite
    I normally use tiddles
  • Eco_Miser
    Eco_Miser Posts: 4,932 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    Pound wrote: »
    I don't know what the point of the photo and passphrase is. It's supposed to be so when you're presented the Tesco Bank login page you know it's the real deal because it's the photo you picked. But anyone could put your email address in and see what your picture and phrase is and use it to trick you.
    EachPenny wrote: »
    Not if you don't use your email address as your online banking username. Having a username which is not obvious is one of the first steps to online banking security.
    Even so, the photo adds little if anything to security, as a man in the middle attack will display the correct photo and phrase.
    Man in the middle: you log into a spoof site, the spoof site logs into the real site using what you type, and echos to real site's responses to you, then when it's logged in changes stuff to take over.
    Eco Miser
    Saving money for well over half a century
  • EachPenny
    EachPenny Posts: 12,239 Forumite
    10,000 Posts Combo Breaker
    Eco_Miser wrote: »
    Even so, the photo adds little if anything to security, as a man in the middle attack will display the correct photo and phrase.

    But as part of an overall package it does help stop some basic level scams.

    It is a bit like putting a padlock on your garden shed. Very few padlocks are used in a way which will stop a burglar stealing your tools, but a padlock might be enough to stop the local kids from 'having a look' and stealing your aerosol paint.
    "In the future, everyone will be rich for 15 minutes"
  • Pound
    Pound Posts: 2,784 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    EachPenny wrote: »
    But as part of an overall package it does help stop some basic level scams.

    I think it helps scammers. Tesco Bank are giving people the message that if you see the picture and phrase then you can be assured that it's safe to enter your password.
  • EachPenny
    EachPenny Posts: 12,239 Forumite
    10,000 Posts Combo Breaker
    Pound wrote: »
    I think it helps scammers. Tesco Bank are giving people the message that if you see the picture and phrase then you can be assured that it's safe to enter your password.

    But if you use other bank's online banking (e.g. LBG) you are invited to enter a username and password on the first login page and digits from your memorable phrase on the second. How many people stop to check either page is genuine, and how many are happy to just enter their details because the page looks familiar? That familiarity creates exactly the same assurance as the Tesco picture and phrase.

    Tesco's sms check on devices they don't recognise is one of the better security measures.
    "In the future, everyone will be rich for 15 minutes"
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352.1K Banking & Borrowing
  • 253.5K Reduce Debt & Boost Income
  • 454.2K Spending & Discounts
  • 245.1K Work, Benefits & Business
  • 600.7K Mortgages, Homes & Bills
  • 177.5K Life & Family
  • 258.9K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.2K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture