Telkom Website Issue - Where can report this?

[MrG]

- Login 1: Success
- Login 2: "The username and password you have entered is incorrect. Please try again."
- Login 3: Success
- Login 4: "The username and password you have entered is incorrect. Please try again."
- Login 5: Success
- Login 6: "Authentication failed. Please try again - Your My Telkom account has been temporarily suspended due to 3 unsuccessful login attempts. Please click Forgot your password."

I have had to reset my account password essentially once a quarter already with me accidentally inserting the incorrect password.

For http://www.telkom.co.za when I login I occasionally enter the incorrect password because of a typo. My issue is that I believe this permanently increments the invalid password counter for the account until it is locked. As per my test case above.

I understand common fundamentals practice for a login API to be when an invalid login occurs the invalid login increment occurs and finally when a login is done where the invalid counter reaches a threshold the account is also locked. If there are for example two invalid login attempts and on the third attempt the login is a success the invalid login increment is reset to 0.

Based on my usage patterns and test above that the issue with the Telkom login system is that when a successful login occurs the invalid login field does not revert to 0.

Who can I report this to?​

 

[Devinity]

I discovered the same thing the other day and had to reset my password. Try reporting it on Facebook or Twitter.

 

[MrG]

I see this issue has now been resolved and there is an additional descriptor that warns you of a lock on the second attempt. Nice.

The JIRA ticket can now be closed.