cancel
Showing results for 
Search instead for 
Did you mean: 

Confused About App Password

VMCopperUser
Wise owl

Okay, so I have quite a few email acccounts, and I got notice this morning someone had logged into facebook with said email - odd as it is a burner account with a password that's unique, highly random and long.  So that leaves them just attempting, but I thought - Good time to change the APP password on this email account (It's only for receiving 2FA codes)..

Turns out to change the App Password I need to remove my email address and add a new non vm email address?? 

So if I am understanding this correctly, they want me to make something like a gmail address, remove my primary, add the new one as primary, then log in with new one, reset, get verification code... I mean... What I am confused about is really - why has some idiot been allowed to make this process overly complicated.  How about just let me, you know, Change the password. 

It's no surprise so many email accounts have been hacked, if VM's internal security designs are just as horrible - utterly horrible - idiotic design, then I can see why they don't report database breaches - Cause they have no clue if it's happening or not. 

Time to sack the whole support team again and start over I think. 

Until then - Give us the option to Change the password.

Perhaps making the service as bad as they can - and my god is it bad - is just a way of pushing people off of it so they can shut the doors to that service.  If that's what they are doing then shame on the teams in charge of this, I wouldn't put such a weak underhanded thing beyond VM honestly.

----
I do not work for VM, but I would. It is just a Job.
Most things I say I make up and sometimes it's useful, don't be mean if it's wrong.
I would also make websites for them, because the job never seems to require the website to work.
4 REPLIES 4

Adduxi
Very Insightful Person
Very Insightful Person

 Virgin no longer allow VM/NTL/Blueyonder emails for accounts.  It has been rumoured they are either going to “sell off” the mail service or drop it at some point.  I would advise you move your email to somewhere else. I’ve done this over the past year and no longer rely on my old NTL one. 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Graham_A
Very Insightful Person
Very Insightful Person

@VMCopperUser wrote:

Okay, so I have quite a few email acccounts, and I got notice this morning someone had logged into facebook with said email - odd as it is a burner account with a password that's unique, highly random and long.  So that leaves them just attempting, but I thought - Good time to change the APP password on this email account (It's only for receiving 2FA codes)..

Turns out to change the App Password I need to remove my email address and add a new non vm email address?? 

So if I am understanding this correctly, they want me to make something like a gmail address, remove my primary, add the new one as primary, then log in with new one, reset, get verification code... I mean... What I am confused about is really - why has some idiot been allowed to make this process overly complicated.  How about just let me, you know, Change the password. 

It's no surprise so many email accounts have been hacked, if VM's internal security designs are just as horrible - utterly horrible - idiotic design, then I can see why they don't report database breaches - Cause they have no clue if it's happening or not. 

Time to sack the whole support team again and start over I think. 

Until then - Give us the option to Change the password.

Perhaps making the service as bad as they can - and my god is it bad - is just a way of pushing people off of it so they can shut the doors to that service.  If that's what they are doing then shame on the teams in charge of this, I wouldn't put such a weak underhanded thing beyond VM honestly.


No, you are not understanding it correctly.  You are being asked to change the log in username for your VM email account to a non vm email address.  This does not change the underlying email address just the way you log into it in VM Webmail or the associated My Virgin Media account.  For password changes a verification code is sent to the third party username to confirm the password change.  You will then also be able to generate a new app password to access the email account concerned via an email client.  When using an email client the username remains as the full email address for the account not the third party email address used to sign into MY VM or Webmail.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Please read the FAQs
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Right, So they want me to make a 3rd party email address, to log into their email address.

I mean, I understand what they are saying here.  Their accounts are so insecure they want you to use a 3rd party.  Adding extra layers is just honestly nuts.  The fact that they can set up a system that accepts multiple passwords and then remove the ability to change those passwords without also attaching a 3rd party account.  That's nuts.

----
I do not work for VM, but I would. It is just a Job.
Most things I say I make up and sometimes it's useful, don't be mean if it's wrong.
I would also make websites for them, because the job never seems to require the website to work.

Yea, After the problems we had a little while back, that was most likely a mass bruteforce/hack attack, I moved away most of what's important or at least those things that carry private information.  The fact that VM has no ability to View IP Logs (and they say that, but that's a lie because they have a legal requirement to hold that info) shows just how lax their security is.  2FA Token generators have been around for so long there's no reason any service shouldn't have that or something like it.  They instead created thousands upon thousands of "accounts" by exporting each email address to its own account while at the same time creating a security hole by copying the "account password" to the "email password".  It just irks me that they seem to have taken the security and responsibility books and thrown them out of the window - It reminds me of Phorm (When VM was going to let a 3rd party have access to their network so they could record our MetaData in real time).

----
I do not work for VM, but I would. It is just a Job.
Most things I say I make up and sometimes it's useful, don't be mean if it's wrong.
I would also make websites for them, because the job never seems to require the website to work.