St. George Bank password etc problem

[Peterbean]

This has been bugging me for some time. With most password storing systems you have two two things to enter, the log in and the passworld. However ST George uses those 2 plus account number.- well 3 factors I haven't used it for a while so the description is probably wrong. Last pass could not handle it . I haven't jumped ship yet but I'd be interested to get some tips from others . I can still get in on my old iphone, which means they are stored in apple I supose

Steve

[2Brix]

hi Steve, not quite sure what your problem/question? is......but i think what is quite common nowdays is '2 Factor Authentication' (2FA) whereby you go to your bank's website, log in by entering your account username (user ID) and password, then the website sends a 4 or 6 digit code by text message to your mobile number which you would have been required to associate with your account.

[Peterbean]

9 hours ago, 2Brix said:

hi Steve, not quite sure what your problem/question? is......but i think what is quite common nowdays is '2 Factor Authentication' (2FA) whereby you go to your bank's website, log in by entering your account username (user ID) and password, then the website sends a 4 or 6 digit code by text message to your mobile number which you would have been required to associate with your account.

Thanks, I know what you mean, Mac bank does that as do various others, but Not with St George. You need to put 3 factors in at sign in. Last Pass always tries Tom save the first 2 , so I’ve disabled LastPass on my PC and don’t currently have any passwords saved on it

[Kaynin]

Are you sure it's not a fake website?  I'm a St. George customer, have been for many years and this has always been my log-in screen.  Customer number and password, that's it -

 

[2Brix]

@Peterbean I'm not a SG Bank customer but what @Kaynin has posted sounds very concerning.  Sounds like top priority is for you to pause your online/web/phone banking until you can visit your local branch in person and confirm the correct webpage address and correct log in protocol. 

 

p.s. not that it really matters for this thread, but as an aside wrt terminology, i feel that you might be saying '3 factor' whereas it is probably '2 factor'.   The 1/2/3 factor (perhaps better understood as 1/2/3 layer) definition is explained here for example https://www.techtarget.com/searchsecurity/definition/three-factor-authentication-3FA

 

Hope you get it safely clarified soon.

 

 

Edited February 10 by 2Brix

[Peterbean]

y

[Kaynin]

I don't use a mobile device to log in, just Chrome on a PC, but the  log in address is different on mine.  Just call the bank and confirm, and if it's okay then tell them about your issue.  

Edited February 11 by Kaynin

[muon*]

Not sure if relevant, but when i put in https://ibanking.stgeorge.com.au/

 

I get a 403 Forbidden

 

Never mind, it works if I go through google.

 

Like Kaynin suggests, contact the bank.

Edited February 11 by muon*

[Peterbean]

Thanks guys 

[Neo]

The only difference is remember me, ticked or not. That’s why there’s a difference between 3 vs 2 authentication fields. 
No great mystery. 
Neo

ps the padlock sign in url means you are in secure site. 

[Marc]

7 hours ago, Neo said:

ps the padlock sign in url means you are in secure site. 

 

I wouldn't rely on that. Anyone can self-sign a certificate now.

It comes free bundled with most hosting packages.

[POV]

I bank with St George and I also have the 3 layers and have done for years.  I've never had an issue with dodgy transactions or anything.  This is the screen I use to access:

 

Edited February 12 by POV

[Full Range]

Banks in the past had 2 or 3 factor authentication 

In the past one could add another device or computer by authentication 

 

The trend now is to only allow one authenticated device to be used at any time 

 

‘Some banks have now started this process and now require to remove one device to authenticate a new device to use for banking 

 

[surprisetech]

2 hours ago, POV said:

I bank with St George and I also have the 3 layers and have done for years.  I've never had an issue with dodgy transactions or anything.  This is the screen I use to access:

 

 

Same here.  Our account with one of the other WestPac brands has the same logon dialog.

The addition of the 'security number' is an alternative to having 2FA via an SMS message or other means.

[TheBlackDisc]

If you use the phone app, you can login with just the security number.

[Peterbean]

On 12/02/2024 at 12:58 PM, POV said:

I bank with St George and I also have the 3 layers and have done for years.  I've never had an issue with dodgy transactions or anything.  This is the screen I use to access:

 

YES SAME AS MINE.

hOW DO YOU SAVE THE 3 ITEMS?  AND HOW DO YOU MAKE SURE IT SAVES THEM AS THE RIGHT THING? my pc is always trying to save the password to the security number or customer number etc

[rantan]

On 12/02/2024 at 2:41 AM, Marc said:

wouldn't rely on that. Anyone can self-sign a certificate now.

 

100%

 

What seems to be true isn't always true and I would be contacting the bank directly to seek clarification. Definitely worth the effort IMO.