Should I be panicking about my Bank of America password?
April 15, 2014 11:27 AM Subscribe
(Keeping this anonymous because I'm worried my security's compromised and don't want to make it worse.) So for about the past six weeks, the log-in process on the Bank of America site has been behaving strangely for me. When I go to the BOA site I see my online userID in the normal way and click on it. That then takes me to the sitekey confirmation page where --weirdly-- my password is now showing up in plaintext on the login page, above the sitekey image. The first time this happened it was displaying my then-current password, which I immediately logged in with and changed. Since then, every time I go to log in I see the old password in plaintext, above the sitekey. When I enter either my then-current or my actually-current password it's rejected and I need to go through the reset process before I can successfully log in. I'm not freaking out, because there's no strange activity in my accounts. But still, it's unnerving. So..... what might be going on here, and what should I do about it?
posted by anonymous to Computers & Internet (15 answers total) 2 users marked this as a favorite
(Extra information because this is anonymous so I won't be able to respond to questions. I've written BOA but in my experience their support staff are clueless and will be unable to help me. Nothing big has changed on my end --no new devices, no unusual travel, no other reason to think something's awry-- and I have no particular reason apart from this to believe any of my passwords or accounts anywhere have been compromised. I practice pretty good password hygiene in general: I use randomly-generated strong passwords in KeePass and change them every few months. Other small things about the BOA login process seem to have changed at about the same time as what I described above (like, now I cannot copy-paste from KeePass into the password verification field when setting a new password, which I think I used to be able to do). So I am wondering if maybe BOA made a bunch of changes to their login process, and it's just still very buggy.)