← Back to context

Comment by ItsBob

3 months ago

FWIW, I work for a major financial organization in the UK as a software architect and I've brought it up more than once over the years in various roles: not a single bank in the UK supports Yubikeys or custom Authenticator apps.

Not one (I last checked about a month ago!)

Security, while pretty good, is still lacking imo!

5 comments

ItsBob

Reply
cjrp  3 months ago

Ironically until fairly recently Nationwide required the little keypad authenticator thing, and everyone hated it!

  • ItsBob  3 months ago

    I had one of those umpteen years ago with RBS. I hated it at the time too :)

    However, I use a Yubikey as often as I can nowadays and authenticator apps too where possible.

    I'd like the option to use one but I can't :(

  • Ntrails  3 months ago

    I thought they still did for website flow at least. Bizarrely we seem to think that phone apps are infinitely secure and don't need the extra step because biometrics?

    • victorbjorklund  3 months ago

      Isn’t it because the assumption is that a mobile device is personal in 99,99999% of cases while it’s common (less now than 15 years ago) with shared computers in libraries, schools, etc.