Additional 2-Factor Authentication Options

Hello, with cyber security attacks becoming increasingly prevalent we need more options for 2-factor Authentication. For most people, SMS doesn't give us the peace of mind anymore. It is great that you have that more than anything else but someone recently tried to login to my account and if they were able to spoof my phone number it would have been bad for me.

 

Recommendations are hardware keys such as Yubikey which is becoming increasingly popular. 

47 Comments
Sightseer

100% agree, you need to support TOTP based solutions like google authenticator, microsoft authenticator, etc. 

Sightseer

bump for two factor authentication, either google or ms.  i joined just to request after googling how to enable 2 factor authentication on becu.

Tourist

It has been 2 years since the OP's comment was posted and it's still under review. The current 2FA implementation on the website is intermittent. That is not sufficient to provide even a basic level of protection beyond the username/password.

Sightseer

I would like to see the 2 step log-in process. Even with a great password I don't feel as safe anymore. I'd like to get a text message every time I sign in, with a unique pass code each time.

Trailblazer

+1 for two factor authentication, while keeping it an "opt in" choice for the user. The SMS security is about at the limit of my 79 year old mother, anything beyond that if enforced would cause her to throw in the towel for online banking. Otherwise, Authy, Duo, and Google Authenticator have my vote, with hardware options such as Yubikey for the more tech saavy. I use 2FA wherever available, and the applications which provide this functionality have come a long way in making it easy for the user to set up.

Tourist

Any updates on this? its been more than 2 years since this idea was posted. 

Tourist

Here's some back-and-forth I had with BECU back in July. [Added letters "Q" and "A", otherwise no editing.] The reps were certainly polite.

-------------------------------------------

Q. Hello - I really wish you would implement a 2-factor authorization method that would be required for every log in. Your online services are among the most heavily targeted types of websites on the Internet, but I find your security measures inadequate. Please escalate your work in this area. Thanks.

A. Thank you for contacting us via Message Center. I am happy to help you today.

BECU does offer a two factor authentication process for Online Banking. The first authentication is User ID and Password, while the second authentication is a Security Question or the Text Message Verification.

You may modify your security options in Online Banking by logging in and selecting Edit Profile >> Manage Security Options. Here you will be able to change your security questions or enroll in the text message verification option.

I hope this is helpful! If you have additional suggestions, you are welcome to use the “Send a Suggestion” link, located at the bottom of our home page, or you can visit the Member Idea Exchange (MIX). This is an interactive forum where our members can collaborate with one another to provide suggestions to our community managers for review. After a suggestion is submitted you can monitor the progress as we review the idea for approval and possible implementation.

Thanks again for reaching out to us and I hope you have a wonderful day!

 

Q. Hello - Your two-factor authorization system is intermittent. It needs to be applied to every log in instance. Otherwise it is insufficient to protect access to the account. Thanks.

A. Thank you for your reply. Our 2FA authentication system is designed to learn the signature of your computer or mobile device and not ask for additional authentication on a trusted device. If something happens on your trusted device, such as a missed or reset password or an unusual transaction, you may be asked to enter in the authorization codes for a period of time afterwards.

BECU uses cookies, your IP address and several other factors to determine if the location you are logging in from is a trusted device. If you update your browser, clear your cache, cookies, and history, reset your router or modem or your ISP updates your address, we may not recognize your trusted device for a time.

Also, if BECU is notified of a threat, such as an email from someone pretending to be with BECU going to our members, we may ask for additional verification for a time.

BECU takes the security of your accounts very seriously. However, we do want to balance security with the convenience that our members have come to expect from our website and app.

I hope this will help to explain why you are not always asked for secondary authentication on every log in. Please let us know if you have additional questions.