|
|
Post by bracknellboy on Jul 27, 2018 16:36:13 GMT
Maybe I'm an outlier, but I would never even consider having the a browser on my laptop autofill passwords. I don't care that its my laptop which is itself password protected. Just seems 'wrong'.
|
|
|
|
Post by bracknellboy on Jul 27, 2018 16:38:01 GMT
jayjay You should have a pin number on your phone which would prevent anyone gaining access to your browser. If you unlock your phone for a thief AND have Chrome autofill your passwords, then there is not much that AC can do to help. ... Assetz need to ask for selected letters of the password not the whole thing - this would put it on par with a number of my other accounts. OK, get that distinction.
|
|
|
|
Post by barneywol on Jul 29, 2018 8:47:54 GMT
I am against this 2FA palaver. I don't use a mobile phone, and having the landline ringing after midnight when I'm doing the finances after the wife has gone to bed is unacceptable. I've never heard of this Authy thing before, and am against installing unknown software that could easily pose a far greater security threat to my computer. Yes, HMRC uses 2FA, and as others have said, it is a right PITA, but at least I only have to fill in my tax-return once a year. I log in to Assetz several times a day, so this is just a nightmare to have to keep getting up to go to the landline phone. Oh, and WHY does the 2FA system a) use a 7-digit security number when even HMRC and my banks only use 4, AND THEN read it out down the phone line as "One million, two hundred and thirty four thousand, five hundred and sixty seven", instead of "One, two, three, four, five, six, seven" ?
Assetz very often sends us emails requesting us to vote on what action to take on a borrower who is in difficulties - I suggest they set up a vote on whether we want this 2FA system. If the majority don't, then simply don't do it. If they do, then it's just us few old moaners on here that don't like it, and we'll then know we are in a minority, and can quietly move to somewhere where we will be happy. But to impose such a major change without discussion is unacceptable, and seems to me like very bad business practice.
|
|
|
|
Post by westcountryfunder on Jul 29, 2018 12:11:02 GMT
It's odd the way Authy works!
I am coming to terms with this new Authy thing, but that doesn't mean I am impressed with it.
I have an ordinary non-smartphone Nokia, but I'm not in to mobiles and would prefer not to complicate matters with an additional device.
Fortunately I am willing to use Google-Chrome and the Authy extension on my laptops and desktop. It works OK, but it's odd the way it works. After logging on, Authy continues to generate codes every 20 seconds. This continues even when the browser has been closed down, and it is still there running on the desktop when I am just about to close down completely. OK, I can stop Authy manually, but just why does it continue running after logging on?
It doesn't matter, I suppose, but this software has not been thought out properly and it is a pity we are forced to use it.
My sympathies for anyone who is frustrated with this 'improvement'.
I find it difficult to see what is wrong with a good strong password (I use LastPass), and memorable information, which itself could be a lot broader in scope.
|
|
|
|
Post by barneywol on Jul 29, 2018 12:18:42 GMT
The critical difference between HMRC and AssetzCapital is that HMRC allow you to “authorise” the PC or device you’re using for the next seven days. Having done so, you don’t need to do 2FA for the next week regardless of how many time you log into check this or that. I think somewhere in this thread that AC have promised something similar (except for withdrawals). And again, I think AC have promised (way back in this thread somewhere) to have a nominated bank account for withdrawals. With that, then I believe 2FA is totally superfluous, unless you want to change your bank or password - when I'm very happy to have to jump through any number of hoops.
|
|
|
|
Post by bikeman on Jul 29, 2018 12:53:27 GMT
Every other service I use that uses 2fa, either call smy landline (hmrc) or texts me (banks). I have a windows mobile. My PC is a work laptop on which I cannot install browser extensions. How will I continue to access my AC account? I also have a Windows Mobile and I'm disappointed that the Authy app doesn't have a UWP version that would work on all Windows 10 flavours (including Mobile). However, they do have a desktop app which you might be able to install on your work laptop, because it's not a browser extension, just a normal desktop programme. But in your case the most convenient solution may be just to receive the authorization code by SMS and not use Authy at all. This would only be a problem if your phone is regularly unable to receive SMS for any reason (e.g. poor reception). The Authy app is completely optional. A couple of banks I use have 2FA by SMS and it works fine with any mobile OS, since SMS is universal and not app-dependent. Should have said the work laptop is locked down, can't install anything. SMS will probably be a problem because the signal at home is poor. I do have a landline. I'm expecting AC to provide a solution not just lock me out of my account.
|
|
lara
Posts: 345
Likes: 300
|
Post by lara on Jul 29, 2018 14:28:37 GMT
I also have a Windows Mobile and I'm disappointed that the Authy app doesn't have a UWP version that would work on all Windows 10 flavours (including Mobile). However, they do have a desktop app which you might be able to install on your work laptop, because it's not a browser extension, just a normal desktop programme. But in your case the most convenient solution may be just to receive the authorization code by SMS and not use Authy at all. This would only be a problem if your phone is regularly unable to receive SMS for any reason (e.g. poor reception). The Authy app is completely optional. A couple of banks I use have 2FA by SMS and it works fine with any mobile OS, since SMS is universal and not app-dependent. Should have said the work laptop is locked down, can't install anything. SMS will probably be a problem because the signal at home is poor. I do have a landline. I'm expecting AC to provide a solution not just lock me out of my account. You can receive the codes via your landline. It's not ideal to have the phone ringing every time you need to access your AC account but you are not locked out. And as has been mentioned, an opt-out is coming soon.
|
|
cb25
Posts: 3,528 
Likes: 2,668
|
Post by cb25 on Jul 30, 2018 13:05:51 GMT
"The peer-to-peer lender has emailed customers to say that using a tick box at their next login or in their profile would cut the number of times two-factor authentication is required."
I haven't received any such email, or noticed login changes.
|
|
|
|
Post by brightspark on Jul 30, 2018 13:16:14 GMT
"The peer-to-peer lender has emailed customers to say that using a tick box at their next login or in their profile would cut the number of times two-factor authentication is required."
I haven't received any such email, or noticed login changes.
I have just received such a notification.
|
|
|
|
Post by pedz14 on Jul 30, 2018 13:52:21 GMT
Tick box was there for me when I logged in just now.
|
|
baldpate
Member of DD Central
Posts: 549
Likes: 407
|
Post by baldpate on Jul 30, 2018 13:56:36 GMT
"The peer-to-peer lender has emailed customers to say that using a tick box at their next login or in their profile would cut the number of times two-factor authentication is required."
I haven't received any such email, or noticed login changes.
The tick box in question is not presented during login. You must navigate to your profile page once logged-in, where you will see the box.
|
|
cb25
Posts: 3,528
Likes: 2,668
|
Post by cb25 on Jul 30, 2018 13:58:59 GMT
"The peer-to-peer lender has emailed customers to say that using a tick box at their next login or in their profile would cut the number of times two-factor authentication is required."
I haven't received any such email, or noticed login changes.
The tick box in question is not presented during login. You must navigate to your profile page once logged-in, where you will see the box. I still haven't received any email from AC about this, but the tick-box was present when I logged in - on the same page where you enter the code.
|
|
SteveT
Member of DD Central
Posts: 6,875
Likes: 7,924
|
Post by SteveT on Jul 30, 2018 14:01:14 GMT
"The peer-to-peer lender has emailed customers to say that using a tick box at their next login or in their profile would cut the number of times two-factor authentication is required."
I haven't received any such email, or noticed login changes.
The tick box in question is not presented during login. You must navigate to your profile page once logged-in, where you will see the box. Yes it is, just below the box you type the 2FA code into
|
|
lara
Posts: 345
Likes: 300
|
Post by lara on Jul 30, 2018 14:16:49 GMT
Thank you for implementing this so quickly chris, it'll make a really big difference to me. Is the designated bank account still on schedule?  |
|
Monetus
Member of DD Central
Posts: 1,179
Likes: 2,961
|
Post by Monetus on Jul 30, 2018 14:18:26 GMT
Well done on allowing people to opt-out of this login change.
A sensible decision.
|
|
