Watani Online Nuisance
My password expired. I haven’t logged in for a while (a couple of months) and my password expired. Of every institute that I have ever dealt with, in Kuwait and internationally never has there ever been an expiry on my password!
For those who don’t know, Watani Online, is NBK (National Bank of Kuwait) Online banking service.
Now, if you’d ask, they’d probably say this is added security. I don’t think this is added security at all. It is an inconvenience to the customer. I am not an idiot. I can take care of my passwords, and if I can’t then it is my own problem. Why does NBK have to make it a harder experience for everyone to use their online service!
After I got the notice that my password had expired and that I had to create a new one, I clicked on the link to follow the instructions. I entered my banking information and a new password. My password was the same as my older one, since there is no way ever anyone can guess it, and I am pretty confident about that!
I got an error that my password has to be new, not something I had used before, and should combine letters and numbers and be between 6 and 8 characters. Now, why can I not use my old password? I understand again, that this is a security feature but come on. This only makes it worse for us who seem to have to change their password every few months because we don’t need to/want to log in!
Talking about security, why is the limit between 6 and 8 characters? Doesn’t that limit the number of password one can “create” that he/she can remember? Just imagine this, how many of those people use their 7 digit phone number, and a letter at the end of beginning as their password? Or, how many use a 4 number significant year and a 2-4 letter related or meaningful word? Also, being a tight community, it becomes easier to socially engineer these password being of that length.
Back to the new password form, two new fields popped in! I also needed to include my Civil ID and my account number to create a new password! Oh you have got to be kidding me. I do very much understand security, I am a System Admin, but this is crossing the line into annoyance and customer frustration!