Hacker News new | ask | show | jobs
by dmitrygr 1503 days ago
Great, another product to warn everyone non-technical against. Never give your bank login to anyone. Ever. Seriously! Do not do it! By definition they must be stored reversibly-encrypted. They will leak, they will be decrypted! Do not do it!
1 comments
mrgreenfur 1503 days ago
I agree but what do you mean by " definition they must be stored reversibly-encrypted"?
link
dmitrygr 1503 days ago
This service will log in to your bank on your behalf to scrape the site, since not all banks have APIs. This means they will store your bank login and password somewhere. Store in a way that they can decrypt it so they ... you know ... can login on your behalf occasionally to scape the latest data. If they can decrypt it, so can whoever steals their database.
link