next Tuesday lah

trueeeeeeeeeeeeee

really have no idea what the decision makers thinking when apply this kind of user experience....

too many in panic mode,all bank transaction need authorization right ,so without u authorization can go through,malaysian always like to join bandwagon ,people said banned this boikot this semua ikut,last2 see no problem what so ever.

not all, especially paypal

https://www.soyacincau.com/2018/12/17/was-c...-clicks-hacked/

hahaha not surprised- gomen dept CIMB is a bank ler. If true they store password in original form then BNM should withdraw their licence IMHO. For that matter doesn't BNM do IT system audit on licensed FI's ?

not only paypal does not need TAC code. even when i use Expedia there is no TAC code as well..

strange.

I did not have to do this step though

I have old password with more than 8 character.

It will still login as long as 8 character infont valid. Hahaha. How nice.

Just change CIMB Clicks password and go get your debit card replaced, done

I doubt it. Local bank wholly owned by bumiputra, means they get a "special" card. If they are ever in trouble, govt will bail them out and protek them instead.

so let's say your old pw was 12345678H%&*GGhklp ...

1. before 18 nov, were you able to get in with just 12345678? with 12345678H? or only with 12345678H%&*GGhklp?

2. After 18 nov, were you able to get in with just 12345678? with 12345678H? or only with 12345678H%&*GGhklp?

curious to figure out what cimb is doing

hahaha let's not go down that road ler. anything that happen to one bank can reverberate throughout the entire system. I'm sure bnm folks realise and understand that

yesterday se7en got post the code script.
the checking is:-

if got no special characters and >= 8 characters (means new format of password), you will require to type exactly your password
else (old password password), you only need to be correct on the first 8 characters.

meaning if old format of password, any characters behind after 8th characters, if user type in wrongly, user will still be logged in

And if i ask the cso what do u think the answer given?

Not exactly remember. But i think there are times that i mistake typo at the last character and manage login.

I always thought i typed correctly somehow. Yeah. Now this news come out.

So much for PIDM protection.
Those paypal charged transaction took away saving which needed for loan repayment, expenses.

Now cimb required 2 to 4 weeks for investigation and refund.

Since when PIDM protect your duit hilang kene hack? Go re-educate yourself www.pidm.gov.my

Thx bro, saw that & thinking thru the implications. How does CIMB store passwords? As Is? or after hashing?

If after hashing, old passwords longer than 8char should not be able to get in if just key in first 8 chars. Why? becos the hash would be diff. No? Only way can get in is IF the old password was stored As Is. Wonder if that makes sense

https://www.apakes.com/sotong-betullah-cimb...-nak-gaji-esok/

Real or fake ?

This post has been edited by Seng89: Dec 18 2018, 02:15 PM


Attached thumbnail(s)

Dun know dun care