Aqua Reward Credit Card - 3% cashback up to £100/year

Hominu

So they think they are making it more secure by asking you for a 5 digit number and then chosing random digits from it each time you sign on? Considering you type those digits into the registration page on the same PC, if you have a trojan installed, you have already given away your card number, expiry date, date of birth, username, pass code and memorable details. The only thing they'll be missing is your last name.

and its just as slow as before!

IsaCream_Man

I was hoping they would let us see 'Pending transactions', but it seems it's not to be.

I would think that by tomorrow the unusual website seen after signing off and selecting the Home page will have disappeared. After all, I wasn't expecting to see the new process until after today's date, as they were telling us. Perhaps we're a bit early in commenting.

DragonQ

The new website is pretty much the same as the old one, except with a new skin plus it's a bit faster.

I don't understand why they call the password a "memorable word" - it implies it needs to just be a simple word, which is the worst kind of password when it comes to brute force attacks.

Gromitt

Letters from a memorable word is fine when you combine it with a strong password, but they are asking for a simple memorable word and a 5-digit passcode - exactly 5 digits, not more or less - I guess this stops people using their phone or pin number?

Still, I managed to cram a passphrase into my memorable word and at least you can register and use the account straight away without having to receive stuff through the post!

and of course if someone does manage to guess your login details, your protected for whatever fraud might occur - which seems to be limited to them paying your bill using a debit card or setting up a direct debit (which wasn't possible before)

DragonQ

Gromitt wrote: »

Letters from a memorable word is fine when you combine it with a strong password, but they are asking for a simple memorable word and a 5-digit passcode

Exactly.

Gromitt wrote: »

exactly 5 digits, not more or less - I guess this stops people using their phone or pin number?

Hmm never thought about that before, sounds plausible. I have a "standard" number combo that I use for 4, 5 and 6 digit PINs (never come across any others) but I don't use it for debit/credit cards.

Gromitt wrote: »

Still, I managed to cram a passphrase into my memorable word

Yeah it's possible to use a proper password but this isn't even implied let alone stated on the website.

Gromitt wrote: »

at least you can register and use the account straight away without having to receive stuff through the post!

Yup. Modern technology!

IsaCream_Man

Gromitt wrote: »

Letters from a memorable word is fine when you combine it with a strong password, but they are asking for a simple memorable word and a 5-digit passcode - exactly 5 digits, not more or less - I guess this stops people using their phone or pin number? ... ...

I seem to recall entering 6 digits when asked for the password, but it wasn't rejected when registering. I'm only going to be asked for the 1st to the 5th digit anyway when signing in. I had no problem signing in subsequently.

EDIT On second thoughts, I don't now think I did submit a 6 digit passcode after all. Sorry for the confusion.

planteria

3% is ace. but the £100 limit put me off. hit CapOne for £3800 last year;)

aleph_0

They have removed the online credit limit increase request form. But they have now got a generic messaging form, so I guess that can be used for such purposes. Other than that, it does seem the same.

Deru

planteria wrote: »

3% is ace. but the £100 limit put me off. hit CapOne for £3800 last year;)

How much did you have to spend to get that? Also, which card?

Uplink

I've re-registered - with first attempt displaying a server error, second one working.

I can't log in. I get the server error I got on first attempt to register.

And the Terms and Conditions say this:

[3.] e. You must not write down, store (whether encrypted or otherwise) on your computer or let anyone else know your passcode, identity details or additional security details, and the fact that they are for use with your accounts.

So I'm not allowed to use Keepass2 now?

Well... I can interpret that like this: Keeping the Keepass2 database on an external hard drive - thus not on my computer, but slightly next to it - is OK.