I hardly login to my Cimbclicks and last time was maybe 2 months ago.

Should I do anything? Not much money there in my account and I don't use their debit card for anything.

Nobody knows about it.

PS: I never do any kind of banking with phone. Ever.

This post has been edited by Hobbez: Dec 17 2018, 05:24 PM

Cimb is local Malaysia punya bank....this kind of story does not surprise me in the least. Long ago, I heard bad stuff about Cimb ardy.

Like got bank employees curi money.....

Who bodo enough to trust Cimb, means tak banyak akal.

Cimb is local bank, and is a ________-run bank, guaranteed the quality is lower.

I don't even give a sh_t about this DuitNow thingy....never bother to register. Just ignore.

Never keep a lot of money at any place and use very few credit cards,

Try to use Paypal for transactions without key in your CC at any website.

Don't do phone banking or transactions. So many apps can spy on you.

I always try to pay with cash. Even if less convenient.

Simple common sense.....

Ummm, I treid to change my password at CimbClicks but keep getting error saying invalid user ID...

Calling their 1300 helpline no answer and it charges you becos is 1300.

Key in the first 8 characters of the old or new password that you wanna change to?

Managed to change my password ONLY because I keyed in the 1st 8 characters of my password (which CIMB did not bother to tell me). Thanks to one /k user....

Just imagine if you used weak characters for your 1st 8 digits, then you are liable to be hacked.

That is the purpose of the Recaptcha, to stop brute force attacks. It is a stop gap measure by CIMB after news broke out.

Now it all makes sense to me.

A typical low ass quality Malaysia bank....



This post has been edited by Hobbez: Dec 18 2018, 12:44 AM

Got any good quality bank that use Google Recaptcha? If got, show me.

And why did you not quote the earlier part of my post?

About the security hole in the 8 character password limit?

And why CIMB did not inform me and instead keep saying my ID is invalid? Which is a blatant lie? And when I try to call them, they waste my phone call becos it is 1300 and not answer? (Too many angry phone calls issit?).

This post has been edited by Hobbez: Dec 18 2018, 01:36 AM

No spin. It is only admittance by Cimb themselves, that they have a problem.

Indirect way to admit what a big security hole they have. And that is a sign of a lousy bank.

Show me another bank that is forced to use Google Recaptcha or even ANY recaptcha? Takda?

Get my point?

This post has been edited by Hobbez: Dec 18 2018, 02:00 AM

Look, you have a problem with comprehension. I KNOW what the captcha is for, but it should NOT be there under normal circumstances.

Read this again -----> If Cimb did not have such a security problem they do NOT need to implement ANY captcha.

So why they have such a problem in the first place? Sila jawab.

You won't. Because you must be working for CIMB in some capacity am I right? That is why you are defending them to the end and cherry picking my posts.

Sudah la...dah lewat ni....how much CIMB paying you?

Only a few accounts were hacked, but my guess is CIMB is doing damage control when the news break out about how insecure is their accounts. For me, the main problem that I found out is that their passwords only accept the first 8 characters. Which I find out the hard way when I tried to change my password and failed. It keep lying to me and said my ID is invalid (but I could login with that ID).

Let's say your password is 12345678H%&*GGhklp

Anyone can login with your password if they just type in 12345678

If you were stupid enough to put this kind of password, then sorry la....

But CIMB hopes nobody that stupid, so their damage control is to implement that Google Recaptcha to stop brute force password attempts.

And it is easy with bots these days. There are hackers and spammers selling brute force software that they claim can crack most kinds of passwords.

Knowing the length of a password is a big step to cracking it.



This post has been edited by Hobbez: Dec 18 2018, 02:37 AM

Yes, they changed this "rule" on 18 November if I'm not mistaken. But of course, they cannot inform anyone of this. Otherwise, people kutuk them kau kau.

So they changed this secretly.

And that is why I could NOT change my password just now. Thanks to a /k tard he told me to just key in the first 8 characters. Then only I can change it. Otherwise keep trying and fail. Cannot understand why and preparing to go to their branch tomorrow already and cancel my other appointments....

Now the password length is up to 20 characters if not mistaken.

CIMB just not admitting all this. It looks bad on them.

And it is bad.

This post has been edited by Hobbez: Dec 18 2018, 02:49 AM

Thanks. I don't have to waste any more time to argue with you. Ofc you must be working for CIMB in some capacity la.....

Obviously.

I doubt it. Local bank wholly owned by bumiputra, means they get a "special" card. If they are ever in trouble, govt will bail them out and protek them instead.