Today, most banks use the national ID (DNI) as the default username.
And yes, in many cases, the password is still exactly 6 digits, no more, no less.
Add to that:
No real 2FA (only SMS, which is easily intercepted).
No detection for suspicious changes in OS, IP, or location.
No basic controls that any decent SaaS product already implements.
The irony? We're told to protect our passwords, but the system itself limits security by design.
If you know someone's ID number (which in Spain is public in thousands of databases), you're halfway into their account.
And then we act surprised when phishing or digital fraud skyrockets?
As a dev and cybersecurity expert, I ask:
are we really protecting the money or just making it look safe?
#cybersecurity #banking #fraudprevention #infosec #startups #fintech #ux #devlife