Hacker News new | past | comments | ask | show | jobs | submit login 

   Why is this such a common thing?
Short answer I suspect is old systems with complicated dependencies.



In my experience with banks that did this it was to allow a mapping to 10digit keypads for bank by phone access. I haven't tried it recently, and they allow complex passwords now. When I noticed this several years ago I was able to log into my bank account via the website with the 10digit equivalent password. At least your bank balance is insured...


Even so, you could hash the password somehow in order to produce the number, which then goes into that old system.


There are always engineering solutions to such things, but I don't think most of the decisions are made in terms of "it's possible". There is always a risk/reward conversation, and a lot of conservatism in systems currently processing a large number of transaction and/or $ successfully. Perceived risk may or may not be analyzed correctly, mind.


You'd think when they have all the money the risk would be really high




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: