FNB recently implemented a new policy on its online banking portal which prevented users from pasting their passwords or using their browser’s auto-fill function to complete their login details.
The company has backtracked on this decision following backlash from tach-savvy users, however, as these customers pointed out that preventing the use of password managers made their banking details less secure.
FNB head of digital banking Giuseppe Virgillito told MyBroadband that the bank had noted the feedback from customers on social media.
“FNB recognises the valuable feedback from our customers regarding the measures to prevent auto-filling of banking passwords,” Virgillito said.
“We have found that a number of our customers save their banking passwords to their browsers. This places customers with stolen or unattended devices at considerable risk.”
“As a consequence, we strongly discourage customers from storing their banking passwords in their browsers.”
The bank said that it recognises the value of password managers and while it does not discourage customers from using a password manager, it said they should be aware that should their device be stolen or accessed without their permission, a user who gains access to their cloud storage or a password saved on the device will be able to login to their banking and perform transactions.
“The security and privacy of our customers’ banking and login information is of paramount importance to us.”
Virgillito said that FNB was worried about customers endangering themselves further by attempting to bypass the password manager blocker, and it has therefore reversed its decision to block the pasting of passwords.
“We note with concern the recommendation to install unauthorised software and browser extensions by some users in a bid to circumvent the auto-filling of passwords,” he said.
“The use of this type of software for your banking is strongly discouraged as it places the user at a high risk of introducing malicious software onto their device.”
“Alternatively, it also places users at an increased risk of phishing. As a consequence, hereof, we have decided to revisit the decision to prevent auto-filling of passwords at this time,” Virgillito said.
He also thanked FNB customers in the technology space for their “valued contribution” and “robust engagement” around this issue.
FNB users should now be able to log in to their online banking as normal, using password managers or auto-fill passwords.