Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

FWIW, I work for a major financial organization in the UK as a software architect and I've brought it up more than once over the years in various roles: not a single bank in the UK supports Yubikeys or custom Authenticator apps.

Not one (I last checked about a month ago!)

Security, while pretty good, is still lacking imo!



Ironically until fairly recently Nationwide required the little keypad authenticator thing, and everyone hated it!


I had one of those umpteen years ago with RBS. I hated it at the time too :)

However, I use a Yubikey as often as I can nowadays and authenticator apps too where possible.

I'd like the option to use one but I can't :(


I wonder if the higher-end banks, e.g. Coutts, let you use one.


I thought they still did for website flow at least. Bizarrely we seem to think that phone apps are infinitely secure and don't need the extra step because biometrics?


Isn’t it because the assumption is that a mobile device is personal in 99,99999% of cases while it’s common (less now than 15 years ago) with shared computers in libraries, schools, etc.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: