We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Nationwide to start a new log in procedure.
Comments
-
Now this may surprise you but you CAN have more than one HBSC account signed up to a single dongle. Infact its quite flexible.
I have 4 accounts (business not sure if personal is different) and each of those requires me to have access as well as delegated access to different people in different areas.
So when I login I see all 4 accounts when the partners from the other business ventures login they only see their account.
I would still like it to request auth on transfers out / setup of dd's / standing orders etc ... oh and for them to sort the interface for recent credit card transactions out. (in this respect nationwide's interface is much better)
Ive been toying with binning my nationwide account in light of how they have treated savers recently in the last few years it seems all the benefits i.e cheaper overseas use etc has now gone. I was only really keeping it to prove customer loyalty if I ever applied for a mortgage with them.0 -
Since that's not what I implied, that doesn't surprise me at all, since the back-end servers at HSBC doing the verification will be the same in each case.infomonkey wrote: »Now this may surprise you but you CAN have more than one HBSC account signed up to a single dongle. Infact its quite flexible.
What you can't do is use the same dongle with an institution that doesn't use HSBC's servers.
For example the one I had was for AOL. I'm sure that I couldn't tie HSBC's dongle to my AOL account (or vice versa.)Conjugating the verb 'to be":
-o I am humble -o You are attention seeking -o She is Nadine Dorries0 -
Yes on that you are correct as the pseudorandom code these things generate cant have more than one backend server. It would be nice to but it would also mean one point of failure if it went down ... a truly yuky thought.
I took your "set of credentials" to mean each account rather than institution even though you actually made it quite clear
0 -
This will break anyone using account aggregation services, such as Egg Money, or First Direct's service. Not to mention be far more inconvenient for every manual login.
A see another complaint coming, they cannot make this mandatory. Nationwide just keep on digging...Cider Country Solar PV generator: 3.7kWp Enfinity system on unshaded SE (-36deg azimuth) & 45deg roof0 -
Just a thought but if Egg Money Manager could do it automated for you ... then its just as easy for a crook to do it with a hijacked zombie pc.
Id rather have auth on everything but I dont believe that card readers are the right way to do it. A separate dongle which is not tied to a physical card / pin is better.
That way if you did happen to lose your card you would still be in a position to transfer money to another account if you needed to.0 -
infomonkey wrote: »Yes on that you are correct as the pseudorandom code these things generate cant have more than one backend server. It would be nice to but it would also mean one point of failure if it went down ... a truly yuky thought.
Of course there can be more than one backend server, that's complete gibberish.
If I want to setup 50 servers to provide OTP authorisation then I simply provision each one with the relevant secret key... and voila, you have a failover cluster.0 -
Ok have a proper look into how Two Factor Pseudo Random data systems work then come back and tell me I am talking gibberish. It is possible to "cluster" these services yes but distributing them is more difficult due to the requirement for a single accurate time source.
There will always be a weak point in something that large. Look at Gmail for example that doesnt need exact sync yet it still falls over.
Theres something to be said for the old iron from IBM etc it may be ancient but its rock solid.0 -
infomonkey wrote: »Ok have a proper look into how Two Factor Pseudo Random data systems work then come back and tell me I am talking gibberish. It is possible to "cluster" these services yes but distributing them is more difficult due to the requirement for a single accurate time source.
If that's your only concern, then you are indeed talking 'gibberish.' It's perfectly possible to get disparate connected systems (even on different continents) to within millisecond accuracy (of either themselves in an isolated network or, more usually, of UTC): http://en.wikipedia.org/wiki/Network_Time_ProtocolConjugating the verb 'to be":
-o I am humble -o You are attention seeking -o She is Nadine Dorries0 -
After being a Nationwide customer for almost 30 years it's this sort of thoughtless change that has led me to make my accounts with them largely dormant. I flagged my concerns when they brought in the card reader regarding the need to carry one around, and the fact that the likes of Santander and Lloyds have a much more customer-facing approach to security - but still Nationwide add on another level of security that misses the main issue.
We all appreciate the need for security, but can also see that the focus needs to be on validating new payees rather than this ten-ton weight approach.0 -
I'm certainly not going to lug that thing everywhere I go, just on the off-chance I may wish/need to log into my account!
It was thoughtful of Nationwide to already have removed the only reason to keep my account open, the foreign exchange perk, so that I shall now have no hesitation in getting the hell out.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards