It used to be that you only needed a username and password to log into your bank account online. Today they have images to help you visually verify quickly with a small probability of error that you are on the bank’s website and not on a phishing site. Select an image that most closely relates to you and they will show it to you after you enter a username each time you login. If you can identify with it, continue entering your sacred password and you’re in. It helps you to identify with the website, not the website identifying you.

There’s a flaw in this. Anyone can type in the username of your account and determine the image. A simple fetch of the page while a fake page is “verifying” your username can return the image.

So the new technology is to include your cellphone in the process. When you login, your cellphone receives a text message with a code that you suppose to type into the webpage. If the code matches, you’re given access to your account. This is great if you have a cellphone with unlimited text messages. If you can’t receive text messages, your account security isn’t as safe as it could be.

What if your phone is stolen? Just let customer support know and they will disable the feature. Then you just have to worry about the contacts and other information (like passwords) on your cellphone that you don’t have anymore. Security is only as good as the person or service that knows the key. Change your passwords and pin numbers often to avoid losing your money. It can take some time to reverse any compromises to your financial life.