[snowwrestler]

> The password is what secures the more valuable things inside the account (the money).

I think the broader point of the parent is that in banks, there is actually a lot more than just the password securing the money in the bank. There is careful surveillance of the activity of accounts at the bank--separate from the website login system, and backed by regulatory accountability and ultimately the police.

Unlike a modern service like Facebook or Google, your bank's website is not the same thing as the entire bank. When you log into your bank's website or app, you're logging into a public-facing system that in turn interacts with the "real" systems that the bank uses to manage money. Those "real" systems are secured in various ways too, and not just based on the web password.

I once attended a talk by Bruce Schneier talking about the resilience of the financial system. Beyond the prevention of bad actions (for example by authentication), he emphasized that the financial system is highly engineered to make it possible to recover from bad actions. That includes some technical means, but also methods of accounting, and insurance.