Changing Customers Password Without Consent
risinganger writes "BBC News is reporting that a customer had his password changed without his knowledge. After some less than satisfactory service the customer in question changed his password to 'Llyods is pants.' At some point after that, a member of staff changed the password to 'no it's not.' Requests to change it back to 'Llyods is pants,' 'Barclays is better,' or 'censorship' were met with refusal. Personally I found the original change funny, like the customer did. After all, god forbid a sense of humour rears its ugly head in business. What isn't acceptable is the refusal to change it per the customer's requests after that."
And I thought I had a shot at getting this in first...
Maybe he should make his new password "Lloyds security is pants"
I read the article and it only reports half the story.
Sure he tells us all about his password and what he is using. But what was his account name?
Modding me -1 troll doesn't make me wrong.
I called in and asked,"Can you give me my password?"
Him "Ok give us your information."
Me: I gave him my information.
Him"You want your password now?"
Me:"Yes please."
Him,"Biteme."
Me:"What?"
Him,"Biteme is your password."
Me,"Oh... Thanks..."
I made a mental note,"Do not make passwords that will embarrass me if I have to call in the phone"
God spoke to me.
That was a bit silly. Now I can just ring the bank and say my name is "Anonymous Coward" and my password is "Cottage Rd". This means I can transfer all of your funds... didn't think of that did ya!
You act like they are storing important information in the DB... like it is a BANK or something.
My Dearly Beloved Lloyds customers.
I encourage you all to change your passwords to Lloyds is pants in protest at this stupid bank's actions.
Thank you sincerely for your cooperation.
Mrs Mariam Abacha, Lagos, Nigeria
Yes, my voice password is "billy'; drop tables;", type it in muppet!
How we know is more important than what we know.
Until a few months ago, I did some helpdesk work at a web hosting provider. When a customer calls in, we are required to make them verify that they are the account holder by telling us either the last four digits of their credit card or their hosting account password (which they specify when they're signing up for service).
One day, a new customer calls in and says he's having some trouble setting up DNS and would like some advice. He's maybe in his late teens or early twenties He gives me the account number. I notice that he makes his payments via PayPal. When I see his password, I hit mute on the phone and giggle for a few seconds. After my composure is somewhat regained, I unmute and ask him to verify his account password for security purposes.
You could almost hear him tense up. When he starts stuttering, I was sure he never stopped to consider that he might have someone
"Ummm, uh, it's fuckyou2dickhead."
I helped him through his DNS questions as politely as possible and we got along pretty well. Before hanging up, he asked if there was a way he could change his password online. I said yes, through our monitoring and billing system.
He gave a huge sigh of relief.
From the article it sounds like a voice code phrase to authenticate yourself over the phone. They staff has to be able to see it to verify it. It isn't a computer password.
"I am the systems administrator. My voice is my password. Verify me."
People replying to my sig annoy me. That's why I change it all the time.
Does anyone else find it quaint when yanks try to comment on the English language?
They always manage something that is nearly completely wrong, but right enough to see where they were going before they were distracted by something to eat or a TV.
cmd-q.co.uk - some sort of stupid fucking internet bullshit
And who's to stop them from calling after hours and pretending to be you?
Perhaps the fact the call center would be closed after hours?
RTFA, its a phone banking password
So, unless I misread TFA, we now know that Mr. Steve Jetley from Shrewsbury has a phone banking account with Lloyds, and is unable to change his password to anything else than "no it's not". Mr Jetley said he was still trying to find a suitable password which met the conditions.
Excuse me, I have to make a phone call...
Ah, arrogance and stupidity, all in the same package. How efficient of you. -- Londo Mollari
Does your phone company, who own the systems that your phone calls go through, have the right to let their operators listen in on your conversations and interject with witty remarks every now and then?
I live in the U.S. and am offended by the implications in your statement. Of course they have the right! How else would they find the terrorists?
Reading code is like reading the dictionary - you have to read half of it before you can go back and understand it.