Sponsored

Migration email / letter

Capped4

Pro Member
Having recently received an email and a letter from fast4 informing of the migration to surfmax, I was astounded to see both my new username AND MY PASSWORD clearly printed on each document. Isn't this playing fast and loose with my security? I have, of course, changed my password.
 

Paulplex

ISP Rep
Having recently received an email and a letter from fast4 informing of the migration to surfmax, I was astounded to see both my new username AND MY PASSWORD clearly printed on each document. Isn't this playing fast and loose with my security? I have, of course, changed my password.
When you signup with any ISP, you normally get a letter or email to confirm your account details for access to the service; how is a letter mid-way through your service to advise about a change of username any more or less secure than the first one?

The username and password quoted on the letter is your username and password for internet access via your ADSL modem or router; it's addressed to the contact details given to Fast4 by the customer.

It's fair to say that no method of delivery is secure - I discovered a couple of years back for instance that a new bank card was sent by the bank to one of my previous addresses and then used for online purchases by the new occupants of that address :eek: - however, if the bank are willing to risk new bank cards for their customers in the post, the far less sensitive details of a customers ADSL username and password by mail shouldn't be a problem either. Many companies confirm access details by post; register a .co.uk domain name for instance and you'll receive within a month or two a letter from Nominet confirming how to access a control panel with them to update the records associated with that domain; if somebody unscrupulously wanted to intercept that letter, login to Nominet and change the records so they could steal that domain name, thats a possibility; however if there is important information to get to the customer, it's generally best by post.

Hands up all readers of this forum who were sent a letter or email by their ISP when they signed up to confirm the connection details they should be using to connect to their new service; I think most forum readers would be waving right now :nod:.

How is a letter to confirm login changes due to the network backbone provider having changed any different? We get a lot of customers who call to complain that they don't receive invoice receipts for subscriptions by email for instance - but then the customer confirms that the contact email address they gave us to reach them on isn't an email account they check anymore :shrug:. So if we'd sent this information by email and not by post, I can imagine somebody else on this forum posting a complaint to say they weren't advised at all about the need to change their login details to connect correctly.
 

lobster1

Regular Member
am i right or wrong in thinking that the adsl username and password is only going to be usable on that specific adsl line anyway, so not much of a security risk unless someone wants to break in to your house to do a bit of surfing.
ive had the details sent by both email and snail in the past.
 
Lobster the Username and Password can be used on any ADSL line that is enabled with the specific ISP. In terms of Fast 4 contacting the users this was the best way after consideration to reach all users and inform them of the necessary changes.
 

Essex Guy

Top Member
The Username and Password can be used on any ADSL line that is enabled with the specific ISP.
Well I never knew that. I assumed the phone number would also have to match the user account login.
 

Capped4

Pro Member
I could have phrased the post better.... I meant to ask primarily if this posed any security threat (could someone else sign on and use bandwidth applied against my account) I seem to remember being sent password and username separately originally, and IIRC part of the t&c include not divulging these to any third party. In view of the original precautions< I thought it strange to include both on one communication - particularly as "your password is unchanged" would suffice?

And, yes banks do send cards through the post (mine sends them registered post BTW) but the PIN number is ALWAYS sent under separate cover, on a different postal day.

My postal service is really quite poor, often receiving post destined for neighbours, and I doubt if this varies greatly throughout the country.
 

timeless

ULTIMATE Member
Staff member
Volunteer Mod
so lm assuming that this same password gets one into the management area of the account and also allows access to the email account?

on another note lm not sure here but if other users who are connected to the same ISP could probably use your details, however ld assume this because BT has pointed things in the same direction ld assume to allow authentication on said ISPs realms
 
email passwords and accounts can be different from the password associated with thier login on to the ADSL platform. This is up to each end user if they have altered this.
 

lobster1

Regular Member
Well I never knew that. I assumed the phone number would also have to match the user account login.

thats what i always thought, well you learn something new everyday.
you would have thought it would be quite easy to set up for an adsl account to only work with its specific tel line no.
i seem to remember there were a couple of dial up isp's (cant remember which ones)where you could only log in from your own tel line, good for security but bad if you were away from home with your laptop.
 
the line specific would cause more issues when migrating and mean the overall supplier :) would have to do more work on the users line to move them.....
there were origianlly a few isp's where your account was line specific however with the travelling that many people do these days it proved not to popular, this was done by logging the telephone number in the authentication server, and checking this when it dialed in, but then many were open gateways for your telephone number and didnt require Username or password....
 

timeless

ULTIMATE Member
Staff member
Volunteer Mod
email passwords and accounts can be different from the password associated with thier login on to the ADSL platform. This is up to each end user if they have altered this.
l do notice allot of ISPs have the main email (username) set as the authenticating account and generally changing that password means password changing in the router, altho way back l had to make do with what l was given with my first ADSL ISP
 
the email address the user can sign up, can be different from thier ADSL login, this is up to user when they are completing thier sign up.
 
Top
Promotion
Cheapest Superfast ISPs
  • Hyperoptic £21.00 (*25.00)
    Avg. Speed 50Mbps, Unlimited
    Gift: £50 Shopping Voucher
  • TalkTalk £21.95 (*36.00)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • Post Office £22.90 (*37.00)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • Direct Save Telecom £22.95 (*29.95)
    Avg. Speed 35Mbps, Unlimited
    Gift: None
  • Onestream £22.99 (*34.99)
    Avg. Speed 35Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Promotion
The Top 20 Category Tags
  1. BT (2528)
  2. FTTP (2246)
  3. FTTC (1671)
  4. Building Digital UK (1615)
  5. Politics (1442)
  6. Openreach (1428)
  7. Business (1255)
  8. Statistics (1108)
  9. FTTH (1101)
  10. Mobile Broadband (1054)
  11. Fibre Optic (977)
  12. Ofcom Regulation (922)
  13. 4G (917)
  14. Wireless Internet (917)
  15. Virgin Media (868)
  16. EE (601)
  17. Sky Broadband (598)
  18. TalkTalk (583)
  19. Vodafone (531)
  20. 3G (416)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules