We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
POP telecom - security
sailor_girl
Posts: 5 Forumite
I am concerned that I received a user name AND password in the same email from POP telecom, this doesn't seem very secure to me. I logged on expecting to get a message to change my password straightaway but I didn't and although I hunted around I could not see any way to change it, except for the Invoices portal. Surely this means that anyone in the company could mess around with my account. Is this a GDPR issue?
0
Comments
-
Wouldn't that be the case even if your user name and password had been sent in separate emails?sailor_girl said:I am concerned that I received a user name AND password in the same email from POP telecom, this doesn't seem very secure to me. I logged on expecting to get a message to change my password straightaway but I didn't and although I hunted around I could not see any way to change it, except for the Invoices portal. Surely this means that anyone in the company could mess around with my account. Is this a GDPR issue?
If you're concerned about their security, move your account elsewhere. I presume you're in a cooling-off period?0 -
Didn't you post the other day about cancelling your direct debit to cancel the contract? For some reason the thread has vanished.
0 -
Yes I have cancelled my contract, although they are still trying to bill me for phone calls I supposedly made after that date (and while I was 300 miles away!)0
-
There will inevitably be many people within organisations like that with access to your account, so including login credentials within an email is unlikely to weaken data security within the company, but potentially exposes some additional risk during transmission if interception is a possibility. The ICO's advisory guidance suggests not sending passwords by email but that doesn't in itself mean that there's any actual breach of the legislation, never mind an actionable one:sailor_girl said:Surely this means that anyone in the company could mess around with my account. Is this a GDPR issue?Do not send passwords over email, even if they are temporary – use one time linkshttps://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/security/a-guide-to-data-security/passwords-in-online-services/0 -
Thanks.
It just confirms my opinion that they probably don't know what they are doing.
Every time I phone them up they don't seem to know what I am talking about when I mention my problem, I have to explain myself all over again and they always seem surprised, so I am guessing they don't make proper notes of calls either.0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.1K Reduce Debt & Boost Income
- 455K Spending & Discounts
- 246.5K Work, Benefits & Business
- 602.9K Mortgages, Homes & Bills
- 178K Life & Family
- 260.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards