Author Topic: when a login is not username & password  (Read 6736 times)

0 Members and 1 Guest are viewing this topic.

Offline sparcolus

  • Newbie
  • *
  • Posts: 4
when a login is not username & password
« on: March 23, 2018, 06:23:34 AM »
Some websites do not use a standard username and password. For example, bankofmelbourne.com.au uses 3 fields - a customer access number, a security number, and a password. Avast keeps trying to save the security number (a 4 digit pin) as the password, and then every time I go to the password field avast tries to generate a new password. It's quite confusing when that happens because I don't know what has been entered into the password field - is it what I typed, what avast just generated, or the password I thought I had saved in the avast app? Once I have manually entered the correct password (still not really knowing if it has not been overruled), avast offers to save my 4 digit security number as the password. Will this overwrite the password that I have already manually entered into avast?

In general, can avast be customised to websites that use logins which are not the standard username and password?

What can be done when avast is incompatible with a websites' security systems? I have found this to be the case for other banking websites - westpac.com.au require you to enter the password by using your mouse to click on a keyboard within the page. Are the banks trying to make themselves incompatible? Surely banking is the place where you need the most security, the best passwords etc...

Offline Martin Kvetko

  • Avast team
  • Sr. Member
  • *
  • Posts: 311
Re: when a login is not username & password
« Reply #1 on: March 23, 2018, 10:05:24 AM »
I have set the rules for bankofmelbourne.com.au so it should be working fine now
I will take a look if we can do something for you with westpac.com.au but in general banking sites invents very curious implementations of signing in. It is mostly just obfuscation which doesn't increase security at all, but looks uber secure for the users. Such weird login forms are causing troubles not only to our solution but even for native password managers built in browsers. When we find such case we are trying to implement logic which helps our users on such sites, sometimes it is possible sometimes not so it very depends on technical implementation of the login form itself.

Offline sparcolus

  • Newbie
  • *
  • Posts: 4
Re: when a login is not username & password
« Reply #2 on: March 24, 2018, 12:26:56 AM »
Thank you Martin for fixing bankofmelbourne, it works perfectly now!