Consider a user who wants to use a password manager for their banking passwords.

Question

Consider a user who wants to use a password manager for their banking passwords. Advice from banks usually says they should never write down their password. The user would be concerned about going against that advice, as it could mean their bank would refuse to accept liability for any fraud that may occur on their account.

So, can they use a password manager? Does storing the password encrypted count as writing it down?

This is a legal and policy question; I am already aware of the technical risks and benefits of using a password manager. Answers may be country specific (and even bank specific). I'm in the UK but I am interested in answers from anywhere in the world.

Explanation / Answer

I'm a lawyer in Germany. Here the special conditions between customer and bank are part of the contract. So we are talking about a clause in these special conditions prohibiting the use of a password manager.

I went to the site of my bank, drew the conditions and really, it says, the customer is not allowed to store the password on his PC.

So this clause forbids to store my pw on the PC. The question is, do I really store the password inside the password manager, or do I "store" something like 23%%4l5ksa0

Related Questions

Navigate

• Browse (All)
• Browse C
• Subjects