cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

FIbre Support

Get expert support with your Fibre connection.

New "Exciting" Login System Here?

Cluster-Lizard
Super Duper Contributor
Private Message TalkTalk
Message 19 of 19

Why? "Exciting...." really?

 

Changes to the login method often causes problems so why risk doing that  for something that was not broken, worked and is, apparently, little different in appearance/functionality from what was used previously. Change for the sake of change?

 

Please do not use the 'updated security' excuse because all that means is the previous system was vulnerable which is never a good thing to tell your customers.

0 Likes
18 REPLIES 18

Message 1 of 19

LOL.

0 Likes

AllyM
Philosopher
Private Message TalkTalk
Message 2 of 19

Just got a new on here tonight:

Entered the code from the email and was presented with a "Verification Unsuccessful" error screen.

I refreshed the page and found myself logged in LOL.

Still a few little bugs running around in the system I think.

 

0 Likes

KeithFrench
Community Star
Private Message TalkTalk
Message 3 of 19

I was just trying to point out that the simple username & password can only be safe if you use a complex password, but even then, as the password is transmitted over the internet, it is subject to theft via phishing etc. The passwordless never sends the password over the internet & cannot therefore be stolen. However, the main thing with SSO is that it simplifies the logon in so much as you don't need separate accounts for the two systems.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

Cluster-Lizard
Super Duper Contributor
Private Message TalkTalk
Message 4 of 19

AllyM understood the 'problem' perfectly but we're not going to be able to change the new system, I'd already accepted that when I started the thread.

 

I just wanted to point out it is less convenient and whether it is 'safer' or not is questionable for the reasons I mentioned earlier. A simple forum password system is still considered safe by far the majority of forums.

 

It just seems to me that the reason for the change is actually the change, linking the Community/My Account logins. Doing that does require better security because there is more risk involved but it is very much a fait accompli.

0 Likes

Message 5 of 19

@StephenF ,

It was doing that all the time but now it has suddenly started to work in the correct way.

 

KeithFrench
Community Star
Private Message TalkTalk
Message 6 of 19

Hi @Cluster-Lizard @AllyM ,

 

There is one point that has not been made here, the new login system is much more secure than before and it is not that the old authentication method was insecure at all.

 

When you have username/password credentials the weak point can be the person's password, is it a strong one made up of random characters, numbers & special characters or is it something like "password"? Then it is open to hacking etc because that password is sent over the internet. With SSO TalkTalk has also introduced the passwordless login on both linked accounts. This is much more secure because there is never a password transmitted over the internet at all for the bad guys to steal.

 

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

StephenF
Community Manager
Staff
Private Message
Message 7 of 19

@Cluster-Lizard wrote:

Why? "Exciting...." really?

 

Changes to the login method often causes problems so why risk doing that  for something that was not broken, worked and is, apparently, little different in appearance/functionality from what was used previously. Change for the sake of change?

 

Please do not use the 'updated security' excuse because all that means is the previous system was vulnerable which is never a good thing to tell your customers.


Thanks for your feedback, if there is a specific issue you're facing with login do let me know. if you're concerned about security then you can enabled MFA for your login, this can be done in My Account however it will add  one more step to your login journey but in my opinion worth it for the extra peace of mind. 

Stephen, Community Manager

StephenF
Community Manager
Staff
Private Message
Message 8 of 19

@AllyM wrote:

I wouldn't exactly describe the new system as "little different" than it was before. It's now much more of a pain.

 

The previous system was quite simple:

  1. Go to community webpage
  2. Enter Username and password

Hey, presto, logged in.

 

New system:

  1. Go to community webpage
  2. Enter email address
  3. Go to email to get security code (sometimes need to wait a few minutes for it to come through)
  4. Enter security code in community webpage
  5. Get redirected to My account log in and login to "My Account" (whether you wanted to or not)
  6. Go back to community webpage to find yourself logged in (hopefully)

 


Hey @AllyM 

Thanks for the feedback. I have some questions about your post to help me better respond but what I can say is that what you've shared is not the desired login journey so something does seem to be wrong and i'm very happy to investigate this. Logging into community, from the community should be as simple as:

  1. Visit community 
  2. Select the login link in the header
  3. Enter email 
  4. Enter 6 digit code from email 
  5. Your in

At no point in the above should you be directed to the myaccount login page. It does work, in that you can log into myaccount and then navigate to community without logging in again however it shouldn't take you to myaccount when logging into community, this seems to be a bug if this is happening. 

 

Does it happen all the time? if so are you able to take a screen recording? 

Stephen, Community Manager

Message 9 of 19

It's been a recurring theme with newcomers over the years, @AllyM, but probably didn't attract your attention if the status quo suited you.

 

Anyway, the forum won't be reverting back to the previous method of sign in, so we will all have to get used to it.

Gliwmaeden2, a fellow customer.
0 Likes

ferguson
Community Star
Private Message TalkTalk
Message 10 of 19

I think for regular users the changes may seem tiresome. For the many who simply stop off for a single visit around a specific issue it should be easier. Especially when they are often directed here by the help pages and/or My Account and then wonder why they have to complete yet another set of details to have their identities verified. 

0 Likes

Message 11 of 19

@Gliwmaeden2 wrote:

The trouble is some customers used to give the forum flack about the community account and My Account not being linked!

 


 

I'll take your word for it but I don't personally remember that, and I don't understand why anyone would be upset that they weren't "linked".

 

 

 


@Gliwmaeden2 wrote:

At least the pin helps security  - just takes longer. Don't forget to sign out because while signed in, both accounts are accessible. 


 

Doesn't it mean that people are probably more likely not to log out though as it's such a pain to log back in.

 

 

 


@Gliwmaeden2 wrote:

Basically the forum manager listened to feedback  - obviously they cannot please all of the people all of the time. 


 

It seems to me that they have decided to annoy about 99% of people to please about 1%

 

Message 12 of 19

When you think of the trouble they went to to make sure people's account billing email is not a Talktalk address, it does seem a bit contradictory, @Cluster-Lizard.

 

The trouble is some customers used to give the forum flack about the community account and My Account not being linked!

 

At least the pin helps security  - just takes longer. Don't forget to sign out because while signed in, both accounts are accessible. 

 

Basically the forum manager listened to feedback  - obviously they cannot please all of the people all of the time. 

Gliwmaeden2, a fellow customer.
0 Likes

Cluster-Lizard
Super Duper Contributor
Private Message TalkTalk
Message 13 of 19

With respect using a single sign-in, effectively using the same login name/password, is not safer. Maybe more convenient for some but it is almost the first thing you're told not to do online for security reasons is use the same things for two places.

 

If someone hacked the TT Community database would it bother me - no I'd change my password and not really worry. But now doing that will give them access to My Account too. That would be serious. There may be more security with Multi-Factor Authentication but you're surely you are just putting all the eggs into one basket.

 

If it also means have to use one-time email codes, captchas or other similar annoyances on top of the password system just to login in here I'm not going to be happy. 

 

EDIT

As I thought: just posted this ^ on a different PC and had to go through the whole email one time code all over again. As I always log out of My Account, for security reasons, it looks like every time we want to come here now we'll be going through this whole rigmarole from now on. Yay! 😞

  

0 Likes

Message 14 of 19

Having signed out of Community on a previous day I find that the following is best:

 

  • Login to MyAccount
    (email address and password)
  • Authenticate the login
  • Open Community and I'm automatically logged in.

GondolaCommunity Star 2017-2024

  Like below to appreciate my post . . . Mark as solved  Accept as Solution

0 Likes

Message 15 of 19

I don't get redirected to the My Account log in, @AllyM.

 

After entering the security code, I'm straight into the community. Will flag this up. 

 

I find that if I do a search for anything to do with Talktalk in my billing email inbox it draws up the relevant latest email with the pin number more quickly than if I just wait and twiddle my thumbs until it surfaces.

 

Yes, rather cumbersome. More secure, and means staff and CSs won't have to spend so much time batting away scammers and spammers.

 

Should just be genuine customers logging in under the new system. 

Gliwmaeden2, a fellow customer.
0 Likes

AllyM
Philosopher
Private Message TalkTalk
Message 16 of 19

I wouldn't exactly describe the new system as "little different" than it was before. It's now much more of a pain.

 

The previous system was quite simple:

  1. Go to community webpage
  2. Enter Username and password

Hey, presto, logged in.

 

New system:

  1. Go to community webpage
  2. Enter email address
  3. Go to email to get security code (sometimes need to wait a few minutes for it to come through)
  4. Enter security code in community webpage
  5. Get redirected to My account log in and login to "My Account" (whether you wanted to or not)
  6. Go back to community webpage to find yourself logged in (hopefully)

 

Gliwmaeden2
Community Star
Private Message TalkTalk
Message 17 of 19

It's not only more secure for you, @Cluster-Lizard, it should keep scammers and spammers out.

 

We've had a huge rise in people posting from Timbuktu etc and wasting our time at best, adding dodgy links at worst, which could take customers to dodgy websites etc if clicked on.

 

 

Gliwmaeden2, a fellow customer.
0 Likes

Gondola
Community Star
Private Message TalkTalk
Message 18 of 19

Stephen gets really excited by introducing new developments that lots of TalkTalk customers and Community users have been requesting. TalkTalk Blog on Single Sign On (SSO) for MyAccount and Community

 

A single sign on to the customer MyAccount and Community achieves this better experience along with more help and support content available in MyAccount that then links to  additional support available via Community.

 

The level of security is the same as for MyAccount. MyAccount does now offer Multi Factor Authentication for users that really wish to enhance access security via their mobile phone.

GondolaCommunity Star 2017-2024

  Like below to appreciate my post . . . Mark as solved  Accept as Solution

0 Likes