We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Nationwide to start a new log in procedure.
Comments
-
I have been trying without success to logon since Monday via Egg Manager and still status showing as error.0
-
EMM probably thrown by something like the message announcing the change of login procedure - no problem logging in as normal.Rupert_Bear wrote: »I have been trying without success to logon since Monday via Egg Manager and still status showing as error.0 -
It looks like its only going to get worse
http://www.telegraph.co.uk/technology/internet/8108004/Forgotten-your-password-Ask-a-fraudster.html0 -
Rupert_Bear wrote: »I have been trying without success to logon since Monday via Egg Manager and still status showing as error.
Received an email today from Egg advising they are aware of the problem and are in dicussions with NW to resolve the issue. However should be working in about 7 to 10 working days.
Time will tell!0 -
I have to doubt the security of the new log-on process. The card-reader generates an 8 digit number. Try using an 8 digit number as your password on Hotmail and Hotmail will tell you it is a 'weak' password.
But there are a myriad of 8 digit numbers that will log you into your Nationwide account! Just try inserting the card into the card reader multiple times for the proof!
And if my card was cloned at a cash machine and my 4 digit PIN obtained, that would give a fraudster carte blanch to access ALL my accounts - not just the account to which the card is attached!
Currently, in order to drain my accounts, a fraudster would have to log-on using my customer number, memorable information and password and then have access to my bank card and PIN to withdraw funds. Under the new regime, a fraudster would no longer need my memorable information or password. That must be a retrograde step
I suspect that the new Log-on procedure will greatly increase the risk that Nationwide employees could perpetrate such a fraud.0 -
It generates a one-time-only 8 digit number.Paul_Varjak wrote: »I have to doubt the security of the new log-on process. The card-reader generates an 8 digit number.
But only one of them will work at any one time.But there are a myriad of 8 digit numbers that will log you into your Nationwide account! Just try inserting the card into the card reader multiple times for the proof!
If true, that one's more of a worry.And if my card was cloned at a cash machine and my 4 digit PIN obtained, that would give a fraudster carte blanch to access ALL my accounts - not just the account to which the card is attached!
Is the password no longer needed? That would be unusual...Currently, in order to drain my accounts, a fraudster would have to log-on using my customer number, memorable information and password and then have access to my bank card and PIN to withdraw funds. Under the new regime, a fraudster would no longer need my memorable information or password. That must be a retrograde stepConjugating the verb 'to be":
-o I am humble -o You are attention seeking -o She is Nadine Dorries0 -
Paul Herring...
To log on using a card reader you do NOT use a password!!! Look at the demo on the Nationwide website. You use only your customer number and the 8-digit passcode generated by the card reader.
The card reader can generate a myriad of 8 digit numbers that will log you in. As there is no communication between the card reader and the internet log-in procedure (other than by typing what is on the card reader display) then any of the valid 8 digit numbers generated by the card reader must be able to log you in (presumably with the proviso that a previously used number would not allow a log in).
So, when the new log-in process is enabled, use your card to generate TWO 8-digit numbers. Don't use the second number you generate, but the first one and I can guarantee it will log you in! How can the Nationwide website possibly know that you have used the card reader twice to generate two numbers?0 -
Paul_Herring wrote: »Until they start charging for (inactive) accounts.
I do hope not.;)0 -
Paul_Varjak wrote: ».
The card reader can generate a myriad of 8 digit numbers that will log you in. As there is no communication between the card reader and the internet log-in procedure (other than by typing what is on the card reader display) then any of the valid 8 digit numbers generated by the card reader must be able to log you in (presumably with the proviso that a previously used number would not allow a log in).
Doesn't follow. Each of the myriad 8 digit numbers generated will be valid for a limited period of time. I don't know how long - a minute or two maybe. Once that's elapsed it won't be validated at the Nationwide end.0 -
Paul_Varjak wrote: »I have to doubt the security of the new log-on process. The card-reader generates an 8 digit number. Try using an 8 digit number as your password on Hotmail and Hotmail will tell you it is a 'weak' password.
.
It's weak on its own and where an automated attack is possible. It's a whole lot stronger where there are other measures as well0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.1K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards