Menu
Reply
andrewmm
  • 314
  • 0
  • 31
Fibre optic
1,182 Views
Message 1 of 10
Flag for a moderator

Two factor Authentication

Good day

I have recently , on another forum been hacked, some one was impersonating an administrator, and even had access to the administrators email system. 

as such, in a recent email exchange with virgin media , I am very reluctant to divulge even two characters form my pass word every time I get a PM from "virgin media" 

A suggestion, 

    if the admins PM a customer, rather than ask for them to supply their password for authentication, you post a reference number, which you also put on the support system .

Then we can phone the virgin support system, which has an security system already. If we are told the same reference number form our account notes, we know that the email is authentic.

At the moment, the system seems to be that we have to authenticate ourselves to "you" by giving "secure" information, but how can we be certain you are "you"

Especially when replying to an email

 

 

 

0 Kudos
Reply
goslow
  • 3.61K
  • 516
  • 1.33K
Community elder
1,155 Views
Message 2 of 10
Flag for a moderator

Re: Two factor Authentication

Your suggestion for a two-factor system by phoning in would only work if the VM phone support system was reliable and easily accessible! A good many people end up asking questions on the forum simply because they can't get through to VM by phone!

AFAIK, one-to-one communication with individual VM forum team members takes place via the closed forum messaging system rather than email.

0 Kudos
Reply
japitts
  • 18.54K
  • 2.41K
  • 4.24K
Very Insightful Person
Very Insightful Person
1,113 Views
Message 3 of 10
Flag for a moderator

Re: Two factor Authentication


@goslow wrote:

AFAIK, one-to-one communication with individual VM forum team members takes place via the closed forum messaging system rather than email.


This is absolutely correct. If the OP was exchanging emails with VM staff, it was outside this community forum.

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
andrewmm
  • 314
  • 0
  • 31
Fibre optic
1,102 Views
Message 4 of 10
Flag for a moderator

Re: Two factor Authentication

re " two-factor system by phoning in would only work if the VM phone support system was reliable and easily accessible"

I would hope that all companies that strive to work with customers meet that criterion,

 

0 Kudos
Reply
goslow
  • 3.61K
  • 516
  • 1.33K
Community elder
1,089 Views
Message 5 of 10
Flag for a moderator

Re: Two factor Authentication


@andrewmm wrote:

re " two-factor system by phoning in would only work if the VM phone support system was reliable and easily accessible"

I would hope that all companies that strive to work with customers meet that criterion,


There hasn't been too much indication of that from VM for a long time. If the latest OFCOM customer satisfaction survey is representative, the future prospects for improvement don't look that good either!

0 Kudos
Reply
andrewmm
  • 314
  • 0
  • 31
Fibre optic
1,034 Views
Message 6 of 10
Flag for a moderator

Re: Two factor Authentication

Hope lives eternal

 

0 Kudos
Reply
jem101
  • 3.98K
  • 406
  • 1.65K
Community elder
1,026 Views
Message 7 of 10
Flag for a moderator

Re: Two factor Authentication


@andrewmm wrote:

Hope lives eternal

 


Well yes unless you are a VM customer hoping for better support in which case that hope is snuffed out like a candle in a hurricane.

This forum exists because VM’s customer services is so legendarily bad that future business studies courses will use it as a textbook example of how to make a short term gain but a long term disaster of biblical proportions.

Think VMs management aren’t aware of this? Of course they are and choose to do nothing about it - and why should they if a cheap call centre in Manila (or wherever it is this month) staffed by technical support people whose training seems to consist of ‘follow this script of prepared questions and when they don’t work for maybe 10-15% of callers, well just make something up - as long as the call is logged as being successfully closed then that’s the important part’

The staff on this forum are the one bright spark in the Stygian gloom of VMs support system, the fact that they can by-pass the normal CS teams is the main reason they are usually more successful in resolving issues.

The very, very last thing we want is for them to have to interact with the offshore customer services shambles at all.

Your suggestion has some merits, but if the setup could be that well organised then there probably wouldn’t be much of a need for this forum anyway.

I appreciate your reticence but really if you want help then your best bet is to engage with the forum team. - they need the security information for DPA reasons, if you do call the offshore support they’ll request the same info (otherwise how do they know you are who you claim to be) - except the experience will be far poorer.

Your choice….

andrewmm
  • 314
  • 0
  • 31
Fibre optic
962 Views
Message 8 of 10
Flag for a moderator

Re: Two factor Authentication

I think Two factor Authentication is worth while,

in both directions,

 if you received a link to say a credit card company, and it looked like the credit card company web site, 

     would you respond to a request for your password, as VM are asking us to do 

try slightly miss typing a credit cad companies web site name, and you will find many "clones" 

     that why they saythey never ask for password on line , or via email / forums.

You phone the credit card company , withthe number form the statment, and you know with a fair degree of confidence that it is the right peopel you are talking to .

 

Thats alI Im asking to be considered, 

    security

If you are saying that virgin can not implement security as others have, then may be they should not ask passwords on line.   

    after all, virgin have access to our real virgin email address, and real names

 

0 Kudos
Reply
jem101
  • 3.98K
  • 406
  • 1.65K
Community elder
950 Views
Message 9 of 10
Flag for a moderator

Re: Two factor Authentication


@andrewmm wrote:

Snip....

You phone the credit card company , withthe number form the statment, and you know with a fair degree of confidence that it is the right peopel you are talking to .

 

Thats alI Im asking to be considered, 

    security

If you are saying that virgin can not implement security as others have, then may be they should not ask passwords on line.   

    after all, virgin have access to our real virgin email address, and real names

 


Yes I get that, but how do they know that YOU are the person you claim to be?

And a bit picky I know but none of this is actually two factor authentication.

0 Kudos
Reply
andrewmm
  • 314
  • 0
  • 31
Fibre optic
888 Views
Message 10 of 10
Flag for a moderator

Re: Two factor Authentication

Two factor authentication.

a) virgin send you an email to your registered email address,  with a "token" in it 

b) Virgin place that token on your record.

c) You , phone up Virgin, and pass there authentication, using phone number you already have from your bills

d) Once you are through, then they know who you are. you are authenticated to them, and as you called , you know who they are.

e) Once through, they can read you the token, if its the same as the one you have been sent, then you know you have the real virgin in the email.

Any one rout can be hacked, but they are totally independent routes, 

     so you can have confidence you are talking to a real virgin person , not a hacked site. 

No need to exchange passwords to some one you don't know asking for them over email......

 

Its what banks do , et all in Europe, 

   

0 Kudos
Reply