Get Help
Community

Forgotten Account Details Retreival Text

Forgotten Account Details Retreival Text

Finally they have changed the Forgotten Username Page and retreival method.

 

Click on this link to retreive your username/password https://giffgaff.com/support/lost-password

 

But there is a flaw, if you no longer have access to the email address or there was an error in the input of the email address it's still of no use.

 

The best option would be to enter your mobile phone number (for the account in question) and the details be sent to that.

15 Comments

makes perfect sense to me Smiley Happy

tutor

good idea, but i can easily put someone else's number and get access to their account..

head honcho

sub, if you put in the number associated to the account, unless you have the phone/SIM in question, how?

supporter
Good idea Smiley Happy Plus you need the sim card in question to gain access to the account.
I ate the FAQ

It might be that the phone is stolen and therefore there could be a security issue.  I like the idea though.

top cat

@beribat

 

If the phone is stolen, and you don't remember your username hmm your in trouble.

 

Their can be a option for this.

 

When you click the forgotton username and password. Then you type your mobile number and you click confirrm it will ask if you want it by email or text.

 

Simple's Smiley Wink

head honcho

If the phone was stolen that would be a different scenario, but as said above you could request it by email.

 

But no security is solid, ever. It does require a certain degree of user responsibility.

 

In most cases, if a phone is stolen, the first thing the theif does is remove the SIM.

top cat

@sparkyboy

 

Although adding the fuction above but it make the forgotton user name and password more thorough because in future someone can say oh i don't know my email address and i want to use my mobile number but want it to recieve by email. 

 

Smiley Wink Other than that you idea is great

I ate the FAQ

Well the way round you have it is to choose when asking requesting the details and that doesn't help with security (thief knows it's a giffgaff SIM and requests the details to be sent to the phone, so that thief now has access to the giffgaff account no problem).  However it could be an option that the user chooses when setting up the account to have the details sent to email OR phone.  Then they have no excuses that it's insecure because they have the option to choose the level of security themselves.  

 

So given that caveat I will add kudos. :smileyhappy:

head honcho

As I said, all security does require a certain degree of basic intelligence, I aggree a squirrel might be at risk.