Jump to content
Sign in to follow this  
nodwad

Password

Recommended Posts

Today I tried to log into my account to change my debit card details.it keeps saying incorrect password.so I have tried several times to change to password but it keeps coming up it is case sensitive and requires a least one upper case and at least one number ,which I have but no joy.anyone out there has had same problem or any advice would be welcome.many thanks

Share this post


Link to post
Share on other sites
59 minutes ago, Jim said:

Call BF to change booking

Many thanks all sorted,told I was doing nothing wrong just a different way bf are doing things to safeguard passwords.

Share this post


Link to post
Share on other sites

Thanks for the clarification!  For a minute I was thinking you were talking about BFE and I was wondering why BFE would have stored your debit card details! 😀

Share this post


Link to post
Share on other sites
31 minutes ago, Gareth said:

I was wondering why BFE would have stored your debit card details! 😀

OH... it's not for donations to help FSG pay for the oars for Honfleur then. I thought that's what all the portholes were for? 

 

  • Haha 3

Share this post


Link to post
Share on other sites

Why do they have passwords? I am the only person on the planet with my email address. Why do I need a password to buy a ticket?

 

I don't need a password to go into a shop.

  • Like 1

Share this post


Link to post
Share on other sites
51 minutes ago, BobCrox said:

Why do they have passwords? I am the only person on the planet with my email address. Why do I need a password to buy a ticket?

 

I don't need a password to go into a shop.

To make sure it's you changing the booking and not someone else who has got hold of your booking number and email address. Ed. 

Share this post


Link to post
Share on other sites

I find using a special character pretty annoying, but if you cannot use an account with an e-mail address, and associate password which meets the criteria set by the vendor, then you must have serious problems living in the modern world.

It's not as if they set a min length of 64 chars or anything!

Share this post


Link to post
Share on other sites
47 minutes ago, hf_uk said:

I find using a special character pretty annoying, but if you cannot use an account with an e-mail address, and associate password which meets the criteria set by the vendor, then you must have serious problems living in the modern world.

It's not as if they set a min length of 64 chars or anything!

I think with work we're up to 15 characters including a mix of uppercase, lowercase, special characters.... not being repeated for 10 iterations... and for special occasions add to that a 6 digit code that changes every 30 seconds. That, and passwords for various different systems shouldn't be the same.

^ Given hf_uk has seen my work email signature, I think he would agree this is a good idea...

 

1 hour ago, BobCrox said:

Why do they have passwords? I am the only person on the planet with my email address. Why do I need a password to buy a ticket?

 

I don't need a password to go into a shop.

Because your email address is known to so many people, including companies you likely deal with. All it takes is one person with less than good intentions and in your suggested case they'd be able to access your booking (including the names of all passengers) and cancel it. A password verifies that it is you - and even these days that's often now backed up by something else like a code, text or phone call. 

It's also entirely possible depending on circumstances for your email to be taken out of your control which is why increasingly non-email methods of secondary authentication are used.

If you use fingerprint ID on your phone you'll know that turning it on you still need to type your numerical code or swipe a pattern? Why? Because doing so at least proves your conscious and someone isn't holding your finger to a device whilst you're asleep.

All this security may seem frustrating - and whilst it isn't necessary to buy a pint of milk people would be pretty narked if their data was nicked. In the hypothetical situation of needing BF to only accept an email address it would therefore be possible if I was a complete miscreant* to look at email addresses registered with BFE, assume there's a reasonable chance that person's made a ferry booking, try my luck at logging in with it and modify/cancel your ticket just for fun. Imagine turning up for a nice sailing to St Malo and finding yourself on the Etretat ;)

(*I'm not, and what I'm suggesting is legally questionable but also being used to demonstrate why security is good!)

 

 

  • Like 2

Share this post


Link to post
Share on other sites

That reminds me of the old joke. You need to pick a password that contains at least 8 characters and includes 1 number. 

'Snow White and the Seven Dwarves '

Ed

  • Haha 3

Share this post


Link to post
Share on other sites
3 hours ago, hf_uk said:

I find using a special character pretty annoying,

Being a special character myself I find that upsetting...

Share this post


Link to post
Share on other sites
2 hours ago, Cabin-boy said:

That reminds me of the old joke. You need to pick a password that contains at least 8 characters and includes 1 number. 

'Snow White and the Seven Dwarves '

Ed

 

7 minutes ago, jonno said:

Being a special character myself I find that upsetting...

... and the BFE award for worst joke goes to... Neither of you (there is no award, it would only encourage you)

  • Haha 2

Share this post


Link to post
Share on other sites
18 hours ago, Jim said:

I think with work we're up to 15 characters including a mix of uppercase, lowercase, special characters.... not being repeated for 10 iterations... and for special occasions add to that a 6 digit code that changes every 30 seconds. That, and passwords for various different systems shouldn't be the same.

^ Given hf_uk has seen my work email signature, I think he would agree this is a good idea...

 

Because your email address is known to so many people, including companies you likely deal with. All it takes is one person with less than good intentions and in your suggested case they'd be able to access your booking (including the names of all passengers) and cancel it. A password verifies that it is you - and even these days that's often now backed up by something else like a code, text or phone call. 

It's also entirely possible depending on circumstances for your email to be taken out of your control which is why increasingly non-email methods of secondary authentication are used.

If you use fingerprint ID on your phone you'll know that turning it on you still need to type your numerical code or swipe a pattern? Why? Because doing so at least proves your conscious and someone isn't holding your finger to a device whilst you're asleep.

All this security may seem frustrating - and whilst it isn't necessary to buy a pint of milk people would be pretty narked if their data was nicked. In the hypothetical situation of needing BF to only accept an email address it would therefore be possible if I was a complete miscreant* to look at email addresses registered with BFE, assume there's a reasonable chance that person's made a ferry booking, try my luck at logging in with it and modify/cancel your ticket just for fun. Imagine turning up for a nice sailing to St Malo and finding yourself on the Etretat ;)

(*I'm not, and what I'm suggesting is legally questionable but also being used to demonstrate why security is good!)

 

 

I won't start the debate on levels of entropy in "three random words" then Jim. *
https://www.theverge.com/2017/8/7/16107966/password-tips-bill-burr-regrets-advice-nits-cybersecurity
There are of course counter arguments to this which stack up mathematically also, and of course best not to use three short words; but currently it is still what the NCSC recommend to the public as best-practice advice.
*oops, too late ;-)

Share this post


Link to post
Share on other sites
54 minutes ago, hf_uk said:

I won't start the debate on levels of entropy in "three random words" then Jim. *
https://www.theverge.com/2017/8/7/16107966/password-tips-bill-burr-regrets-advice-nits-cybersecurity
There are of course counter arguments to this which stack up mathematically also, and of course best not to use three short words; but currently it is still what the NCSC recommend to the public as best-practice advice.
*oops, too late ;-)

Ha - don't get me started. 

I always find some irony that in my client's security office, the password for the shared computer they use on the desk is on a sheet of paper behind the wall... make of that what you will...

  • Like 1

Share this post


Link to post
Share on other sites

I’ve noticed that on most websites and apps that I sign in on my iPhone it comes up asking for my thumbprint to log in with the password but on the BF site it just comes up filled in automatically.

Share this post


Link to post
Share on other sites
38 minutes ago, Jim said:

Ha - don't get me started. 

I always find some irony that in my client's security office, the password for the shared computer they use on the desk is on a sheet of paper behind the wall... make of that what you will...

Is it a "s3cret" ? :)

18 minutes ago, neilcvx said:

I’ve noticed that on most websites and apps that I sign in on my iPhone it comes up asking for my thumbprint to log in with the password but on the BF site it just comes up filled in automatically.

The device taking the strain is good in terms of form filling and logins etc. It does raise the need for two-factor authentication more, which is coming in many places whether you like it or not. Somehow I feel that would not go down well with BF customers (yet)! :-)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...