Discovery Forgot Password functionality

ToxicBunny

ToxicBunny

Oi! Leave me out of this...
Joined
Apr 8, 2006
Messages
141,535
Reaction score
99,419
Location
Crimetown
Honestly, I have no idea what part of the forum this really belongs.

I am currently more than slightly shocked by Discovery.

I had forgotten both my username and password (since I log into their site maybe once every 2 years or so), so I just clicked on the forgot password link.

All it required from me was my ID Number, and then I could give them and email address or phone number and they would send me the Username with a temporary password.

The monumentally crap level of security that shows from Discovery is astounding. Pretty much anyone can get into anybody elses Discovery profile with minimal info.
 
ToxicBunny said:
Honestly, I have no idea what part of the forum this really belongs.

I am currently more than slightly shocked by Discovery.

I had forgotten both my username and password (since I log into their site maybe once every 2 years or so), so I just clicked on the forgot password link.

All it required from me was my ID Number, and then I could give them and email address or phone number and they would send me the Username with a temporary password.

The monumentally crap level of security that shows from Discovery is astounding. Pretty much anyone can get into anybody elses Discovery profile with minimal info.
Click to expand...

So you can nominate any cell number or e-mail address? It doesn't require you choose between the ones it will have for you on the system?
 
supersunbird said:
So you can nominate any cell number or e-mail address? It doesn't require you choose between the ones it will have for you on the system?
Click to expand...

Pretty much....

Going to try something in that regards now, just to confirm.


**EDIT**
Ok, so it double checks the value they have on file, and rejects it if it doesn't match.
Still find the fact that they ask for an email address to be very very strange... if they're double checking what they have on record, then just don't even ask and only send it to the email address on record.
 
Last edited:
Yeah it asks for the email but only sends to one on file... guess you could have more than one email on file...
 
herbertk said:
Yeah it asks for the email but only sends to one on file... guess you could have more than one email on file...
Click to expand...

Just seems to be a monumentally bad UI design then at the end of the day.

An account should have a primary contact email, they shouldn't ever ask for you to enter it again just to compare.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X