Stop brute force

This is because when they changed the password policy to include special characters, they didn't force everyone to change their password.

Therefore they have to cater logic for old password logic and also new password logic.

But to implement it in this half ass way is plain stupid. This is not some wordpress blog yo. This is a fucking bank.

#programmingtalk

Aku kerja dalam FI
Kalau aku bukak cerita ni memang bungkus la business
Semoga BNM bukak mata dan haramkan je terus

Now can change password to Max 20 characters

Also, not sure if somebody mentioned before...using Google captcha...which genius thought of that way to do it? Limit the times of failed transaction or use phone secure SMS or TAC la adui.

This post has been edited by Duckies: Dec 17 2018, 01:20 PM

Means no matter what u put , it will masuk with the first 8 character, instead of reject and jump out from the function

Must be learning from Najib.

"You are not being fair to me!!"

naise, untung dev dia, public is saying cimb got hacked, but the truth is code like monkey.

So head siapa yang akan roll on the ground? Sure somebody kena eat the dead cat and take the blame. Head of IT?

once encrypted, it will be different alot.
even you plainly compare the password also different already

should rejek altogether, this logic aaa, wait, part of the password is correct, let him in la, no need to check others

Some people were using bots to bruteforce password, since CIMB has no failed login limits. The CAPTCHA was supposed to slow the bots down

those checks are supposed to be checked at server side, when kantoi client side it will give ideas to malicious people as to how the system in the back works.

Bukan ke their IT guy sudah lompat suicide?

I hope they start introducing Fingerprint authorization like Maybank app.

So how did they managed to hack into user in the first place? Memang brute force password ke? Even though with that, they still need the USER ID.

my mom punya kena last week, same case unauthorised Paypal transaction, then she went to the bank and they replaced her ATM debit card FOC.

This post has been edited by incubus_skj: Dec 17 2018, 01:25 PM

Wa kesian, kena suicide to redeem himself/herself. Bukan as usual play the blame game ke?

sounds really stupid n reckless system !!

wonder why with billions profits bank kenot hire proper IT people ??

But some people don't have fingerprint (no hand or leg), how leh? Discrimination for the disabled people!!!