Think your password is a secret? No it's not

The BBC is reporting that a man who chose a telephone banking password with Lloyds TSB of “Lloyds is pants” (he wasn’t very happy with Lloyds at the time) had it changed to “no it’s not” by a member of staff. Apparently “Barclays is better” was also rejected. Lloyds TSB has said that the member of staff concerned no longer works there.

I’m a very happy Lloyds TSB customer, but I won’t use telephone banking until I get a two-factor token for authentication. Passwords should be secret, and even if the word is an expletive (which isn’t clever, they’re pretty high up the list on brute force password cracking dictionaries) then that should be my right to do so – after all, it’s nobody else’s business, is it?