Westpac Have Finally Changed Their Password Requirements Allowing for Longer Passwords

ozbs25 on 11/04/2024 - 13:09
Last edited 11/04/2024 - 20:32

Westpac have finally changed their password requirements allowing for longer passwords. My wife got a notice to change her password when she logged in today. I did not. I couldn't find any news or notice about it at all. I had to manually change the password by clicking on "Forgot customer ID or password" at the login screen. Yes, this does seem to be the only way. You don't seem to be able to change the password after you've logged in.

I don't remember all of the password requirement details but you can go all the way up to 30 characters including special characters. I just did a random 30 character password via my password manager and it was accepted.

Edit: I found where you change your password after you log in. It's in Service -> Preferences -> Security.

When I googled, Westpac help sent me to the method I first stated.

Financial

Related Stores

Westpac
Westpac

Comments

    • ozbs25 on 11/04/2024 - 13:28

      Sorry? I didn't say that my new password wasn't working. My new 30 character password is working. Westpac's change password method is just very strange.

  • c64 on 11/04/2024 - 13:50
    +3

    probably took this long for them to upgrade their banking system from cobol

    • mskeggs on 11/04/2024 - 15:35
      +1

      I'd be surprised if they weren't still using a bunch of cobol. A bunch of core banking apps will likely never be replaced, because they are proved to work. This sort of password stuff will be a bit of integration still talking to the core system.

  • hocus on 11/04/2024 - 13:54

    These are the new password parameters:
    "We’ve updated our password requirements. Your new password must:
    *be between 8 and 30 characters
    *include at least 1 number, 1 letter and 1 special character (@#%^ etc)
    *have no more than 2 repeating characters (AAB not AAA)
    *not contain spaces
    *not be the same as your last 3 passwords
    *You can use both upper and lower case letters."

    • ozbs25 on 11/04/2024 - 13:59

      Thanks!

    • djsweet on 11/04/2024 - 17:38

      still dumb requirements.
      1 number, 1 letter and 1 special character is among the most annoying and useless of password requirements.
      And no spaces? Like why not? Is a space not a valid character now or something.

      • Chandler on 12/04/2024 - 09:18

        Spaces can be problematic for some systems to parse, as it would likely then need to use terminator characters (i.e. ") to enclose the string, but then if they're allowing those characters mid-string, then how do you know where the string starts and ends:

        key = get Password = "hunter2"

        Which group of characters is the password? If spaces (and " and =) are legal characters, it could be the whole line. Have enclosed some grouping options in square brackets to demonstrate below… but then the square could be part of the password too…

        [key = get Password = "hunter2"]
        key = [get Password = "hunter2"]
        key = get Password = ["hunter2"]

        Much simpler to use whitespace as a delimiter. Same groupings below, with whitespace removed in the passwords (and not using the square brackets to highlight them):

        key=getPassword="hunter2"
        key = getPassword="hunter2"
        key = get Password = "hunter2"

  • Nillionaire on 11/04/2024 - 14:16
    -1

    Is their app still ugly?

  • mapax on 11/04/2024 - 16:37

    It’s been available for months. I updated mine in the first week of January.

    • ozbs25 on 11/04/2024 - 16:46

      They should have notified us a bit better then. Why only prompt some of us and not all of us?

      • Switchblade88 on 11/04/2024 - 20:16
        -1

        Sounds like easy scammer bait based on real activities:

        We've improved our security! Click here to reset with a stronger password.

        Otherwise, copy and paste this link into your browser: https://r.mtdv.me/westpac

        Sincerely,

        Westpac (For real, we promise)

        • ozbs25 on 11/04/2024 - 20:18

          I'm talking about right as you log in. My wife got a prompt taking you to a screen forcing you to change your password and going through the new requirements. I did not. They should/could have prompted everyone as soon as the changes went through.

          • Switchblade88 on 11/04/2024 - 20:27

            @ozbs25:

            They should/could have prompted everyone as soon as the changes went through

            And deal with thousands of customers who can't get it to work? And then those who immediately forget the new password? Their IT budget is obviously not that big, they're not going to employ a whole 'nother team just to helpdesk your clueless grandparents who were forced to reset their password and can't figure out what's going on.

            At least a staggered rollout reduces the overall pressure.

            • ozbs25 on 11/04/2024 - 20:30

              @Switchblade88: I suppose that is true. Should at least let us know the changes are in place so you can take advantage of it.

Login or Join to leave a comment
Login Join