PDA

View Full Version : The help desk wants my password



robsonde
20-12-2004, 10:02 PM
I have been having problems today with IHUG dialup been very slow, so i rang the help dask to ask if there was a problem with the network.

the help desk dude checked a few things and got me to go to a few sites to see if it was all sites or just some and such like.

at the end of all this he had no answers so he said he would pass all my info on to the network people to have a look at it tomorrow, then he asks for my phone number, and my password.

when i said i was not going to give him my dial up password he seemed supprised. i told him that the netword people dident need it and the ihug tearms say NEVER give you password to ANYONE. he still said that it would be best if i gave him my password. i told him NO in words he could miss.

would you give you password out to the help desk??

Erayd
20-12-2004, 10:17 PM
I would give my password to the helpdesk ppl if I knew them and trusted them. If the guy was just a random stranger, just get him to complain to the techs. You could also set a new password so he can get access (if he thinks he needs it) then change it back afterwards.

Metla
20-12-2004, 10:17 PM
Seems strange they had to ask,I ring help desks all the time to get clients passwords and it takes all of 15 seconds.....

drb1
20-12-2004, 10:22 PM
Seems strange they had to ask,I ring help desks all the time to get clients passwords and it takes all of 15 seconds.....

Quite, Maybee Ihug first responders arent well trusted buy ihug, should all have been available to him.

The other poster is also correct if really nessecary creat a temp then change back.

D.

~sy~
20-12-2004, 10:35 PM
No way! If they need your password to fix things up then they should be able to get it through their own systems. Security checks are usually just done by address, phone number and birthday at the most.

Kame
21-12-2004, 04:17 AM
I understand how Metla can get passwords. You should question your ISP's motives when the helpdesk people store their password in plain text files (their notes under your profile) because the password is one way encrypted and they should have no idea what the password is, but a lot of the helpdesk are storing this, in plain text, so do be concerned.

I wonder if you can request to view your information? and see whether they send it with the password in plain text.

Orcon tried playing the same game asking me for a password, and this was signing up with them over the phone, I asked them if there was another method to join Orcon without signing up over the phone if they were going to ask for me to set a password, then they told me just sign up for their free lifetime email addresses and then upgrade my account from that, in fact, if I knew this prior, I would not have waited half an hour on the phone when I could have done it in 10 seconds, but should I question whether their form sends information unencrypted and plain text?


Kame

Chilling_Silence
21-12-2004, 08:45 AM
I would begin by asking _why_ they need your password? They'd better have a pretty good reason....

Ive never been asked for mine by Ihug?

Greg
21-12-2004, 08:46 AM
When I was on a helpdesk we never needed a password to access any info regarding the account with the exception of their webmail, and then only if the customer asked us to access it for whatever reason.

Speedy Gonzales
21-12-2004, 08:57 AM
Sounds like youre having the same prob as me Rob. Good to know I'm not imaging things lol. And I'm not the only one having probs with Ihug.

I rang the helpdesk too last night. And was asked the same thing. The password that is. Ive rung Ihug 3 times about the same thing. The slowness.

The guy said he'll get in touch with the tech people, and ring me when something happens.

I did give the guy my pw. I wasnt too worried since I'm on Get All. BUT if my bill is more than the normal next month, there will be trouble!

Chilling_Silence
21-12-2004, 08:58 AM
I agree - Im sure its in the T&C or something where they state they'll never ask you for your password...

....or am I thinking of the Banks here?

Metla
21-12-2004, 10:26 AM
Drifting slightly here but...

A few months back i wanted to purchase a few RC cars from the states and sell em off here for a profit so I placed an order through Tower Hobbies and paid via their secure credit card facility,They e-mailed me back and said that my bank didn't suport CC verification and could i please foward them my cc details via plain old details.....

I emailed em alright,

Ash M
21-12-2004, 12:27 PM
I have been having problems today with IHUG dialup been very slow, so i rang the help dask to ask if there was a problem with the network.

the help desk dude checked a few things and got me to go to a few sites to see if it was all sites or just some and such like.

at the end of all this he had no answers so he said he would pass all my info on to the network people to have a look at it tomorrow, then he asks for my phone number, and my password.

when i said i was not going to give him my dial up password he seemed supprised. i told him that the netword people dident need it and the ihug tearms say NEVER give you password to ANYONE. he still said that it would be best if i gave him my password. i told him NO in words he could miss.

would you give you password out to the help desk??

Where I work, we never ask for the password... period. The only time we see a customers password is when changing it for them.

Speedy Gonzales
21-12-2004, 12:58 PM
Yer i told the guy my pw too. BUT have since changed it thru the IHUG site.

So, I wasnt too worried.

george12
21-12-2004, 01:55 PM
Perhaps ninja could enlighten us? Does your ISP ever ask for passwords?

Kame
23-12-2004, 11:23 PM
Maybe this is their test of trust, maybe if you trust them, they'd help you?

You'd need to give them a lot of trust to hand over your password, while you're at it, give them your credit details, pin numbers, etc.


Kame

Wayne H
24-12-2004, 08:08 AM
I used to work on IHUG helldesk, if the software has not changed in the last year and a half there is no way that the helldesk staff can see the pw, they can only change it and verify that the password is the same by entering it into a test box and they get a yes or a no.

ninja
24-12-2004, 09:11 AM
Perhaps ninja could enlighten us? Does your ISP ever ask for passwords?
Rarely. Only in situations where we haven't been able to identify them by any other method.

theother1
24-12-2004, 11:14 AM
Drifting slightly here but...

A few months back i wanted to purchase a few RC cars from the states and sell em off here for a profit so I placed an order through Tower Hobbies and paid via their secure credit card facility,They e-mailed me back and said that my bank didn't suport CC verification and could i please foward them my cc details via plain old details.....

I emailed em alright,

I just had a similar situation arise with a purchase from the USA. Got an email back see below-
"Thank you for your recent order. We have attempted to contact your bank
for verification purposes. Unfortunately they have not responded. We do
apologize for any inconvenience, but we are unable to process your
shipment without address verification. In order for us to verify your
billing address please fax or email {company name} with a recent credit
card statement or utility bill stating the address that your credit card
is registered. Fax # (609)Fax Number.
I emailed them as well, asking if this was legitimate or some unauthorised person on a phishing expedition.
I haven't heard back as yet but am looking forward to their reply.