Slashdot Mirror


Changing Customers Password Without Consent

risinganger writes "BBC News is reporting that a customer had his password changed without his knowledge. After some less than satisfactory service the customer in question changed his password to 'Llyods is pants.' At some point after that, a member of staff changed the password to 'no it's not.' Requests to change it back to 'Llyods is pants,' 'Barclays is better,' or 'censorship' were met with refusal. Personally I found the original change funny, like the customer did. After all, god forbid a sense of humour rears its ugly head in business. What isn't acceptable is the refusal to change it per the customer's requests after that."

26 of 435 comments (clear)

  1. Re:Plaintext passwords? by Al+Dimond · · Score: 5, Funny

    And I thought I had a shot at getting this in first...

    Maybe he should make his new password "Lloyds security is pants"

  2. Re:My Password by halcyon1234 · · Score: 4, Funny

    My password is the middle step in any profit plan. Now I can't remember what it is. I hope my cookies never expire.

  3. Ok, and... by narcberry · · Score: 5, Funny

    I read the article and it only reports half the story.

    Sure he tells us all about his password and what he is using. But what was his account name?

    --
    Modding me -1 troll doesn't make me wrong.
  4. I once had a funny incident with some website. by CrazyJim1 · · Score: 5, Funny

    I called in and asked,"Can you give me my password?"
    Him "Ok give us your information."
    Me: I gave him my information.
    Him"You want your password now?"
    Me:"Yes please."
    Him,"Biteme."
    Me:"What?"
    Him,"Biteme is your password."
    Me,"Oh... Thanks..."

    I made a mental note,"Do not make passwords that will embarrass me if I have to call in the phone"

    1. Re:I once had a funny incident with some website. by dmneoblade · · Score: 3, Funny

      Alternately, DO make passwords that will embarass people if used over the phone. Great way to slip in a little casual trolling. For added bonus, use a passphrase that is the entire lyrics to a song. For traditions sake, Fresh Prince of Bel Air and Never Gonna Give You Up are excellent choices.

      --
      Warning, knife is sharp. Please keep out of children.
  5. Re:Plaintext passwords? by Psychotria · · Score: 5, Funny

    That was a bit silly. Now I can just ring the bank and say my name is "Anonymous Coward" and my password is "Cottage Rd". This means I can transfer all of your funds... didn't think of that did ya!

  6. Re:Plaintext passwords? by brianjlowry · · Score: 5, Funny

    You act like they are storing important information in the DB... like it is a BANK or something.

  7. Important message to Lloyds customers by Anonymous Coward · · Score: 5, Funny

    My Dearly Beloved Lloyds customers.

    I encourage you all to change your passwords to Lloyds is pants in protest at this stupid bank's actions.

    Thank you sincerely for your cooperation.

    Mrs Mariam Abacha, Lagos, Nigeria

  8. Re:Plaintext passwords? by QuantumG · · Score: 5, Funny

    Yes, my voice password is "billy'; drop tables;", type it in muppet!

    --
    How we know is more important than what we know.
  9. abscissa here by Anonymous Coward · · Score: 3, Funny

    Who changed my password?

  10. Re:I'm more disturbed by the fact... by zobier · · Score: 4, Funny

    Let's petition CmdrTaco to banish samzenpus to Idle, where his delusions of adequacy will better fit in.

    Let us start tagging idleispants.

    --
    Me lost me cookie at the disco.
  11. fun with passwords by Eil · · Score: 5, Funny

    Until a few months ago, I did some helpdesk work at a web hosting provider. When a customer calls in, we are required to make them verify that they are the account holder by telling us either the last four digits of their credit card or their hosting account password (which they specify when they're signing up for service).

    One day, a new customer calls in and says he's having some trouble setting up DNS and would like some advice. He's maybe in his late teens or early twenties He gives me the account number. I notice that he makes his payments via PayPal. When I see his password, I hit mute on the phone and giggle for a few seconds. After my composure is somewhat regained, I unmute and ask him to verify his account password for security purposes.

    You could almost hear him tense up. When he starts stuttering, I was sure he never stopped to consider that he might have someone

    "Ummm, uh, it's fuckyou2dickhead."

    I helped him through his DNS questions as politely as possible and we got along pretty well. Before hanging up, he asked if there was a way he could change his password online. I said yes, through our monitoring and billing system.

    He gave a huge sigh of relief.

  12. Re:My Password by Fantastic+Lad · · Score: 4, Funny

    "I hope my cookies never expire."

    That should be on a Tee-Shirt.

    -FL

  13. Re:Plaintext passwords? by AuMatar · · Score: 4, Funny

    I prehash all my passwords. That way only the hash of the hash is stored in their db. Its more secure that way.

    --
    I still have more fans than freaks. WTF is wrong with you people?
  14. Re:Plaintext passwords? by Jedi+Alec · · Score: 5, Funny

    From the article it sounds like a voice code phrase to authenticate yourself over the phone. They staff has to be able to see it to verify it. It isn't a computer password.

    "I am the systems administrator. My voice is my password. Verify me."

    --

    People replying to my sig annoy me. That's why I change it all the time.
  15. Re:Clarifying for Americans by ben0207 · · Score: 5, Funny

    Does anyone else find it quaint when yanks try to comment on the English language?

    They always manage something that is nearly completely wrong, but right enough to see where they were going before they were distracted by something to eat or a TV.

    --
    cmd-q.co.uk - some sort of stupid fucking internet bullshit
  16. Re:Plaintext passwords? by MrMr · · Score: 4, Funny

    Now in this case, the choice of the password might be deemed offensive
    When you think a 'plc.' can be offended you are antropomorphizing abstract legal entities. Don't do that; they really hate it.

  17. Re:Plaintext passwords? by MrMr · · Score: 4, Funny

    Seriously. I love to explain jokes.
    Lloyds is a plc.
    Go search for antropo and see what to offend means.
    Now try to imagine an offended Plc.
    And hand in your geek card.

  18. Re:Clarifying for Americans by QuantumG · · Score: 4, Funny

    Wow, so basically your world view is that there are people from the UK and there are people from the US and no-one else exists?

    I guess that's almost better than the average American's grasp of geography.

    --
    How we know is more important than what we know.
  19. Re:It's still retarded security by Anonymous Coward · · Score: 5, Funny

    And who's to stop them from calling after hours and pretending to be you?

    Perhaps the fact the call center would be closed after hours?

  20. Re:Plaintext passwords? by Warshadow · · Score: 4, Funny

    No, No, No. "My voice is my passport verify me" :D

  21. Re:Plaintext passwords? by Cow+Jones · · Score: 5, Funny

    RTFA, its a phone banking password

    So, unless I misread TFA, we now know that Mr. Steve Jetley from Shrewsbury has a phone banking account with Lloyds, and is unable to change his password to anything else than "no it's not". Mr Jetley said he was still trying to find a suitable password which met the conditions.

    Excuse me, I have to make a phone call...

    --

    Ah, arrogance and stupidity, all in the same package. How efficient of you. -- Londo Mollari
  22. Re:Plaintext passwords? by Bender0x7D1 · · Score: 5, Funny

    Does your phone company, who own the systems that your phone calls go through, have the right to let their operators listen in on your conversations and interject with witty remarks every now and then?

    I live in the U.S. and am offended by the implications in your statement. Of course they have the right! How else would they find the terrorists?

    --
    Reading code is like reading the dictionary - you have to read half of it before you can go back and understand it.
  23. Re:It's still retarded security by mhall119 · · Score: 4, Funny

    Better yet, read your public key to the teller, who then generates some random data, encrypts it with your public key and the bank's private key, then reads out both the cipher text and their public key over the phone to you. You then decrypt the data, and re-encrypt it with their public key plus your private key, and read the cipher text back to them, over the phone.

    Of course, you'd want to call them first thing in the morning, so you can finish the transaction before close of business.

    For efficiency, you can both keep a copy of each other's public keys after the first transaction, but you'll then need to read the contents of your respective revocation lists to each other, to make sure they're still valid.

    --
    http://www.mhall119.com
  24. Re:Plaintext passwords? by Anonymous Coward · · Score: 4, Funny

    What are you supposed to do, SHA-1 hash it in your head before reciting the hex digits over the phone to the operator?

  25. Re:Plaintext passwords? by orgelspieler · · Score: 4, Funny

    I think you just failed the Turing Test.