Monday, 14 October 2013

Self Service password

Password compromised on self issue machines. The big screen where you tap in the password should not be visible to others.

Thank you for sharing your concern. Please be reassured that that the University would not have invested in any equipment that would put personal account security in direct risk.
Although the keyboard is quite visible to the customer directly (and potentially to anyone else walking past) whatever is typed comes up as asterisk (*) so cannot be read. Someone could possibly  follow your hand movements and work out one or two digits of your password its true. It is however extremely unlikely that they would be able to distinguish your entire password. Equally it would be nearly impossible to match that password with your ID.

There have been no account breaches because of the screens in the years they have been in operation.