Welcome to Community at BECU, a place for anyone who wants to talk about money, saving, investments and everything in between. Have a question or just want to get the community’s opinion on something? This is the place. It’s a great resource for peer-to-peer advice, access to the latest BECU news and behind the scene’s insights from BECU’s experts.
I keep seeing BECU refer to multi-step authentication as multi-factor authentication. Please implement REAL multi-factor authentication. You need more than one factor (something you know [passwords, security questions, text messages, emails] , something you have [a key fob, a cellphone], something you are [biometric data]). A text message counts as something you know since there is no security in place to guarantee the text is received by a particular phone. Same with email. You need an authenticator app which registers the physical device. Please implement the option to use authenticator apps as a second factor. We should be able to register multiple authenticator apps so we can use a second smart device as a backup should our primary crash or get lost. Please do not allow recovery codes to be sent by email or text since that makes recovery an easy workaround to the security. Since you are a bank, people can even come in and prove their identity for recovery so no flimsy, easily-hackable option should be forced on us.
... View more