I suspect you are absolutely correct Crystal as the bank's online
service tech said he didn't even see a login attempt at their end when I
gave it a try while we were speaking on the phone.
On 2022-09-14 02:54, Crystal Kolipe wrote:
The error that the OP reports suggests that the login process is
failing before that.
In our experience, banks sometimes check odd aspects of http requests in a
misguided
attempt at security. For example, I'm aware of one that checks for the
presence of
an accept-encoding: gzip header on the login request, and if it's missing,
returns a
generic error message. Took me about five minutes to work that out.
We also know of a bank that has what seems like a backdoor, (or just a plain
bug), to
bypass their two-factor authentication in some cases, which took about 15
minutes to
find.
