makes perfect sense to me

good idea, but i can easily put someone else's number and get access to their account..

sub, if you put in the number associated to the account, unless you have the phone/SIM in question, how?

It might be that the phone is stolen and therefore there could be a security issue.  I like the idea though.

@beribat

If the phone is stolen, and you don't remember your username hmm your in trouble.

Their can be a option for this.

When you click the forgotton username and password. Then you type your mobile number and you click confirrm it will ask if you want it by email or text.

Simple's

If the phone was stolen that would be a different scenario, but as said above you could request it by email.

But no security is solid, ever. It does require a certain degree of user responsibility.

In most cases, if a phone is stolen, the first thing the theif does is remove the SIM.

@sparkyboy

Although adding the fuction above but it make the forgotton user name and password more thorough because in future someone can say oh i don't know my email address and i want to use my mobile number but want it to recieve by email. 

Other than that you idea is great

Well the way round you have it is to choose when asking requesting the details and that doesn't help with security (thief knows it's a giffgaff SIM and requests the details to be sent to the phone, so that thief now has access to the giffgaff account no problem).  However it could be an option that the user chooses when setting up the account to have the details sent to email OR phone.  Then they have no excuses that it's insecure because they have the option to choose the level of security themselves.  

So given that caveat I will add kudos. 

As I said, all security does require a certain degree of basic intelligence, I aggree a squirrel might be at risk.