|
|
To mitigate many potential problems both current and future, be it spam, malware, malicious users etc.
Why not allow the possibilty of users being able to change their username, either by portal access, or ticket request?
Surely it would be the best remedy to counter the current spam situation, and users could have the option of having a mail re-direct for thier old username, should such an option be desirable (hardly likely in the case of spam).
I for one would be far happier knowing that my e-mail addy couldn't be in the 'list' of names to be spammed, and this would make it certain (with the unlikely chance of choosing a username previously compromised).
Not something which should be forced of course, but it seems to me that there are many out there who would like this option. I myself received a dozen spam e-mails in the last two years, and while I've sorted the issue by introducing mail filters, I'm not happy knowing that my username is directly in the spammers crosshairs.
It would also reduce the concern regarding trojans, viri and any other potential malware problems.
Give the Register and Beeb, and anyone else some positive, no arguments solution, and put this problem to bed once and for all.
|
|
|
|
This has been asked a number of times and I think it is being looked into or at least considered. I agree that it should be something that they should be taking seriously and offering customers ASAP.
In the mean time there are two option you can follow. Setup a free PAYG dialup account and use that for your e-mail. Setup an email account with another provider (gmail, yahoo, msn, etc) which will provide you with at least the same level of service.
Any redirects setup to either another PlusNet address or an external address will mean that the spam as well as the valid e-mail follows you, but it's something that can be turned off to remove the link to the leaked address after a number of weeks/months.
This problem is unfortunately not going to be put to bed once and for all. There is nothing that anyone can do to entirely solve what has happened. The cat is out of the bag, the horse has bolted, <insert other analogy here>. What can be done is help provide clear information and assistance for those who have been impacted. And for PlusNet to tighten up and ensure it doesn't happen again.
|
|
|
In reply to:
<insert other analogy here>
Since you insist, how about "the fish has escaped the keep-net"??
|
|
Register (or login) on our website and you will not see this ad.
|
|
|
|
Nice one.
I'll see you're fish and raise you a...
"the lemming has already thrown itself off the cliff"
|
|
|
I'll see your lemming and raise you a...
"the cow has jumped over the moon"
|
|
|
Just to confirm, we certainly do want to find a suitable mechanism to achieve this. At the moment, it's a 20 odd minute manual process to change a username. We are still working out what the best solution to that is.
Ian
|
|
The above post has been made by an ISP REPRESENTATIVE (although not necessarily the ISP being discussed in the post).
|
|
|
Fine. I got twenty minutes to spare if you have.
20 x 200,000.....just short of eight years methinks.
 Busy, busy.
Seriously, though it's good to know that it's being considered.
|
|
|
There is a far easier solution to this. PN don't need to change the username for everyone because if you think why that is desired you can also see another way to do it.
My ISP provides me with a username to use on my connection but they don't insist that I use their email address to receive communication from them, instead they use whatever I supply to them for that purpose (more than one if needed). With this username I can create email address if I need and get 1GB of web space.
However, they also allow me to create a subdomain in the format of anythingIwant.myzen.co.uk with a further 1GB of web space. This then has the ability to have pop3/web email access in the format [email protected]. Should it ever become compromised I can easily change this subdomain to another one and it doesn't affect me one bit because it isn't tied to the operation of my whole account with them.
The main problem with PN position is the insistence to send all communication to the postmaster account and the username/password is used for access all facilities related to the account e.g. ftp, email, web space etc.
Solutions:
Remove the necessity to monitor the ISP supplied email address
Send all communication to the user on their preffered email address
Allow the creation of a subdomain and email addresses
|
|
|
Given that 'x' usernames have already been compromised, my OP's advice stands. I don't want a subdomain. I want a secure, changeable username domain.
What's more, [email protected] is a more complicated e-mail setup for the user than [email protected]
I'd get very bored having to tell folk [email protected]
|
|
|
In reply to:
Just to confirm, we certainly do want to find a suitable mechanism to achieve this. At the moment, it's a 20 odd minute manual process to change a username. We are still working out what the best solution to that is.
Ian
I thought PlusNet said many times it was impossible to change usernames. Something about being registered with BT.
Nick
PlusNet Broadband Your Way Option 2 DSLMax Netgear DG834G router
|
|
|
|
|
|
|
In reply to:
What's more, [email protected] is a more complicated e-mail setup for the user than [email protected]
I'd get very bored having to tell folk [email protected]
You need to read my explanation again. It isn't [email protected] but rather [email protected] as you want. You have @username.plus.com and Zen's system does the same only @username.myzen.co.uk, except that it can be changed at a whim if needed and in addition to the main user name.
|
|
|
It depends how you define "Impossible" - I can't see anywhere there where we have said it's impossible, or have mentioned BT?
In reality what we are talking about is cancelling one account and opening a brand new one and then copying over all of the details. As none of our support staff have access to things like payment details, we have to involve the finance team to transfer over payment details and there are other complexities (Eg people that want to keep fax2email numbers, static IPs etc, all of which are difficult to move).
I agree with Rsharma about what sounds like the right approach to this one - However to be able to do this requires a lot of development work to get us there. Use of usernames is engrained in a number of internal systems, and there is some quite hefty code rewrites needed to change that (Although for every system we have built in recent years, a unique service identifier has been used instead so it should be easier now than it would have been a year or two ago).
That said, I'm hoping we can come up with something a bit simpler that will work for everyone. I also agree that the postmaster requirement is a bit legacy now. We nabbed that requirement from Demon 10 years ago if I remember correctly and it's never been reconsidered, even though things are rather different now and most people do have an alternative address.
Ian
|
|
The above post has been made by an ISP REPRESENTATIVE (although not necessarily the ISP being discussed in the post).
|
|
|
>I agree with Rsharma about what sounds like the right approach to this one - However to be able to do this requires a lot of development work to get us there. Use of usernames is engrained in a number of internal systems, and there is some quite hefty code rewrites needed to change that (Although for every system we have built in recent years, a unique service identifier has been used instead so it should be easier now than it would have been a year or two ago).
Is there really much work required to allow a customer the ability to have a second username and in addition to their primary one, if this second username is not linked to their account operation?
>I also agree that the postmaster requirement is a bit legacy now. We nabbed that requirement from Demon 10 years ago if I remember correctly and it's never been reconsidered, even though things are rather different now and most people do have an alternative address.
An issue that was highlighted by me back in 2006 and many others before and since then. The sooner that this requirement is removed the better.
|
|
|
The postmaster requirement has been brought up repeatedly (like many of the other things that are now being looked at). I think that's why it grates upon some of us. To have had so many things dismissed in the past and now acted on. But at least they are finally getting seriously looked into.
I've always ignored the postmaster requirement. Anything of any import is also sent to the 'contact' address after all.
Hopefully they'll look into the whole accountname/primary email address/password thing. As currently I'm sure a large percentage of users use [email protected] for everything. This means the same username and password is used for DSL login, portal login, mail login, etc. And often passed unencrypted and in plaintext across insecure connections (when checking mail or logging into FTP for example).
|
|
|
I never checked the postmaster or username email accounts when I was with them for 14 months. Mainly because I wasn't aware of the requirement and secondly because I never used the PN email addresses for anything.
|
|
|
In reply to:
It depends how you define "Impossible" - I can't see anywhere there where we have said it's impossible, or have mentioned BT?
Here and in many other threads...
In reply to:
Its not just a case of PlusNet changing it.
How do you think that when you go on to the internet with broadband it gets to the correct place at Plusnet.??
Your username is used as part of the routing stored in BT's database as well so that the system knows whereto send the packets from your PC.
It would also involve BT doing changes to accommodate your new name.
and they would want a fee for doing that.
johnessex on PlusNet forum 10 feb 2005
Nick
PlusNet Broadband Your Way Option 2 DSLMax Netgear DG834G router
|
|
|
I don't believe JohnEssex works for PlusNet - either way he's wrong
|
|
|
Hi there,
Your username for connection to the internet will be in the format of [email protected]. The bit before the @ is used for our authentication, and the bit following it is used for BT authentication. As such changing the username will have no affect on the broadband connection as long as the account is built correctly in our system.
The problem we have at the moment, as Ian stated earlier, is that to change a username we have to create a new account and manually transfer all the detail across, which takes some time. We are working on ways to improve this though, and will give more info on that as soon as we have it.
|