Zeroday 01100100011010010

Bank of America has made their web services so secure that even I can not login. And I am the account holder! The failure for my login ability stems from the myriad secondary questions that are all very personal in nature. These “passwords” would read like a diary of your life from place of marriage, honeymoon, graduation, and birth. I tend to fill these answers with random gibberish so no one can simply research public records and gain access to my bank account. The new security features ensure that no one that can’t answer one of these random questions can gain access. This must be done with every new browser installation, computer setup, or possibly once per session (if certain browser protocols are followed).
I offer the application engineers that BoA hired these articles. Study them closely:
http://www.google.com/search?q=security+versus+usability&seriously=usability_lost
It is a self inflicted version of this “attack” discovered by a small independent security group.