[zxoq]

My bank is a lot more careful then this. I actually called them a few days ago to get a password, and they asked:

* SSN?

* Full name?

* How long have you been with the bank?

* How many accounts do you have?

* Do you have a business account?

* How many business accounts?

* What's the name of the business?

* Have you set up auto-debit?

* Have you set up electronic-debit?

* To what companies?

* What was your last charge on your credit card?

* Do you have any monthly transfers set up?

* For what amounts?

* Do you have any loans?

* Do you own any investment funds?

* Which?

* Have you reset the password before?

* <My security question>?

* How many two-factor auth thingies do you have?

* Serial number on your two-factor auth thingy?

* Model of the above?

Are the questions I recall. So at least not every bank is careless enough to only require you to name a recent transaction.

[Tyrannosaurs]

I've had this recently.

The banks seem to have worked out that they have access to a reasonable amount of information that they can use it in this way.

The answers weren't easily guessable and there was a threshold so you didn't need to get everything right which allows them to make the questions a little trickier.

The system wasn't perfect - if you broke into my house and got my papers you could probably get past it - but it was a million times better than asking where I went to school.

[chimeracoder]

What bank? Seriously, I will consider switching.

Including business accounts and brokerage accounts (which are often handled separately with different security processes), I've had numerous accounts with many different providers, and never had anything close to that level of security.