You’re right it was constructive 
but you’re suggestion a solution to a problem that doesn’t exist. How do I know that?
Monzo are liable if this enables security to be compromised so they have an incentive to fix it, if it’s broken, which tells us it isn’t.
So these posts frustrate me because a) no one in this community is an expert on security b) all they do is worry other users some of whom won’t have the context to judge how seriously to take these concerns c) it’s impossible for any of us to judge how much of an issue any of this stuff is.
But as I’ve said, Monzo have a financial incentive to make sure that their security is robust & as a bank, they have some of the very best people working on this.
Aside from that, it was a perfectly reasonable post!