Mainfrog2. Yes - The correct way for the bank to do this is have you select a password. To log-on the bank's internet site asks for a random set of letters from your password e.g.

1. Type the sixth letter of your password here ->
2. Type the second letter of your password here->
etc.

Next time someone logs on a different set/order of letters is asked for. This renders key loggers useless for the kind of attack described above.

What mainfrog describes is what natwest.co.uk do. So move there if your bank doesn't do this or something similar.