[Tfug] [TFUG] Bank of America e-mail
keith smith
klsmith2020 at yahoo.com
Thu Nov 22 11:40:42 MST 2007
I think his point was they seem to care less and did not even provide a link to a
secure login page.
Brian Murphy <murphy at coppershadow.com> wrote: Jude Nelson wrote:
> Hey guys,
>
> I recently submitted a complaint to Bank of America regarding the fact
> that their front page (read: the page where you enter your Bank ID to
> access your account) has insecure elements on the page. Here's the
> excerpt from their response:
>
> - While the Online ID and Passcode are presented in web form fields
> over an unencrypted channel, when you type the Online ID only you can
> see the information you type and the Passcode is displayed as asterisks.
>
> Yeah. Right.
So? "Insecure" [sic] elements on the form page doesn't mean anything.
It submits to a secure page:
action="https://sitekey.bankofamerica.com/sas/signon.do" method="post"
Therefore the data is encrypted in transfer.
Brian
_______________________________________________
Tucson Free Unix Group - tfug at tfug.org
Subscription Options:
http://www.tfug.org/mailman/listinfo/tfug_tfug.org
------------------------
Keith Smith
(480) 584-4772
PHP Programming
---------------------------------
Get easy, one-click access to your favorites. Make Yahoo! your homepage.
More information about the tfug
mailing list