Alex wrote:
> Heikki Toivonen wrote:
>
>> Yup. <sarcasm>Behold the high tech leaders of the free world.</sarcasm>
>> Well, I obviously haven't checked all American online banks, but
>> permanent login & password seems to be the norm. As far as I know
>> most European banks use one-time passwords...
>>
>
> What exactly do you mean by one-time passwords? I'm not familiar with it.
>
> I always have to fake my user agent string to log into BofA, so that's a
> bit of a workaround of their ignorance :)
>
There are a couple of schemes I know of. The more expensive one is to
give clients a special card with a digital display that generates one
time access codes (a new code every minute or so). The cheaper method is
to send the client a printed list of codes. With the list, you have to
remember to cross off the codes as you use them and you also have to be
careful not to cross one off that you haven't used.
