mikes1531
Member of DD Central
Posts: 6,453
Likes: 2,320
|
Post by mikes1531 on Dec 2, 2015 17:33:51 GMT
No one is forced to but stupid not to I would think I'd be happy to, but the need to re-enable it every fortnight in order to continue to use the site has put me off.
|
|
|
|
Post by Deleted on Dec 3, 2015 11:50:04 GMT
No one is forced to but stupid not to I would think Stupid can only be the person thinking to be more secure with such a system.... And I wrote code for major security systems...
|
|
t
Posts: 77 
Likes: 7
|
Post by t on Dec 3, 2015 12:11:53 GMT
Was it being compared to a major banking system or the old system ? just email and password I was com pairing to the later i wonder does mr or Mrs programmer of securety system invest in this site with this level of securety  |
|
|
|
Post by Deleted on Dec 3, 2015 12:28:57 GMT
Was it being compared to a major banking system or the old system ? just email and password I was com pairing to the later i wonder does mr or Mrs programmer of securety system invest in this site with this level of securety I judge risks individually. The risk of Lendy ltd defaulting (on some problematic deal/major backdown of the housing market) is FAR FAR higher than any hacker getting in the site with my credentials AND being able to add an external account to a differently named person AND find enough money to steal OR being able to sell my loans AND not get cought by Lendy OR me AND stopped in time before the withdrawal takes place. The "home" default is the only fear I have with this investment. Good luck with your illusions of being safe...
|
|
t
Posts: 77
Likes: 7
|
Post by t on Dec 3, 2015 12:56:01 GMT
Yes I agree with concerns over defalt
But for sure I am under no illusion of felling safe at all I do think about a down turn and how much the loss of that could be so yes there is great risk
I tend to deal with the poo when it hits the fan if not how could I invest my money for anymore than a few pc
|
|
|
|
Post by snappyfish on Dec 3, 2015 13:49:29 GMT
I got locked out due to password attempts, sent a email got un-locked. Now use token sms as verification. Works great  |
|
sl75
Posts: 2,092
Likes: 1,245
|
Post by sl75 on Jul 20, 2016 9:53:33 GMT
This may be old hat, but my six digit verification codes always being with "1". Anyone else? savingstream , seems unnecessary to limit the apparent randomness of the code to five digits rather than six. It seems to me there could be at least 3 good reasons for doing it that way: 1. It could "really" be a 5-digit verification code, but they add 100,000 to it for display purposes, so that they don't need to worry about ensuring that leading zeroes are displayed. 2. If someone's trying to hack your account (and unaware of this oddity) they won't necessarily choose '1' as the first digit, making it obvious for SS's systems to tell the difference between someone using an "old" verification code, and someone just trying random numbers. 3. Perhaps there's a scalable system design where the first digit of the code indicates which verification server generated it (and thus which to check the code against), and so far they've not needed more than one (or only very rarely need more than one if the verification system gets a DOS attack).
|
|
|
|
Post by GSV3MIaC on Jul 20, 2016 13:52:18 GMT
Even 5 is one more than the numpties at bank/credit card companies believe provides adequate security for chip & pin cards.
|
|
jonah
Member of DD Central
Posts: 2,031
Likes: 1,113
|
Post by jonah on Jul 20, 2016 19:03:25 GMT
Even 5 is one more than the numpties at bank/credit card companies believe provides adequate security for chip & pin cards. Or believe that the bad publicity and pain of resetting when people forget a longer version....
|
|
|
|
Post by wickedxuk on Aug 18, 2016 11:35:32 GMT
Old thread but a good read. I have now turned the token off. Not because I don't like it or that I don't think it improves security, it clearly does. Ive turned it off because my job means I can often not have mobile phone reception for weeks at a time. I nearly always have Internet access (through satellite). So for me, the token is a nightmare.
I would however like to see some alternate secondary security such as random characters of a memorable word; like my bank and like Collateral uses. I think this works much better.
|
|
nick
Member of DD Central
Posts: 1,056
Likes: 825
|
Post by nick on Aug 18, 2016 22:49:10 GMT
Old thread but a good read. I have now turned the token off. Not because I don't like it or that I don't think it improves security, it clearly does. Ive turned it off because my job means I can often not have mobile phone reception for weeks at a time. I nearly always have Internet access (through satellite). So for me, the token is a nightmare. I would however like to see some alternate secondary security such as random characters of a memorable word; like my bank and like Collateral uses. I think this works much better. One work around I have used when I have travelling overseas is to have the token sent to a public SMS message service. Any SMS's sent to the service provider's number is posted on a public website - no registration required. The webpage is public, but the token number by itself is of no use without your usual login details. There are a number of sites that offer this service - just google "receive sms online free". I think people usually use the service to avoid having to provide 3rd parties with their own phone numbers for privacy/avoid spam etc.
|
|
|
|
Post by wickedxuk on Aug 19, 2016 9:22:38 GMT
Thanks nick I will have to check that out. |
|
