Cater Allen New Website Cater Allen New Website - Page 3
Page 3 of 6 FirstFirst 12345 ... LastLast
Posts 21 to 30 of 53
  1. #21

    My post count is Majestic

    AtW is always on top

    AtW's Avatar
    Join Date
    Jul 2005
    Posts
    58,647

    Default

    Quote Originally Posted by ladymuck View Post
    SIM card cloning is rife and easy.
    ... and you know that .... how?


  2. #22

    More fingers than teeth

    ladymuck has reached the peak. Play again?

    ladymuck's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    13,055

    Default

    Quote Originally Posted by AtW View Post
    ... and you know that .... how?

    If I told you then I'd have to... Well, see another thread about fridge capacity...


  3. #23

    My post count is Majestic

    NickFitz has reached the peak. Play again?

    NickFitz's Avatar
    Join Date
    Jun 2007
    Location
    Your local branch
    Posts
    51,645

    Default

    Another dumb thing it does is, as far as I've worked it out: when you submit the login form, it uses JavaScript to hash the password, then puts that value in the password field overwriting the actual password, then (I suspect) cancels the form submission event using preventDefault, then submits the form all over again via JavaScript.

    I use Safari and its built-in password management (integrated with the MacOS Keychain). Going through this process means that, when the form is finally submitted for real, Safari notices that the password is now different, and asks whether it should replace the value you currently have stored with this new value that's magically appeared. If you mistakenly agree that it should, you then have a hash of the password saved, which doesn't work, and have to go through a ridiculously convoluted procedure to reset your password again

    None of this is necessary, as the connection is secured by TLS in the first place

  4. #24

    My post count is Majestic

    AtW is always on top

    AtW's Avatar
    Join Date
    Jul 2005
    Posts
    58,647

    Default

    It’s a conspiracy to stop people from saving passwords!



  5. #25

    Super poster

    fullyautomatix is NOT a disguised employee

    fullyautomatix's Avatar
    Join Date
    Feb 2010
    Location
    Gaul
    Posts
    4,942

    Default

    Quote Originally Posted by NickFitz View Post
    Another dumb thing it does is, as far as I've worked it out: when you submit the login form, it uses JavaScript to hash the password, then puts that value in the password field overwriting the actual password, then (I suspect) cancels the form submission event using preventDefault, then submits the form all over again via JavaScript.

    I use Safari and its built-in password management (integrated with the MacOS Keychain). Going through this process means that, when the form is finally submitted for real, Safari notices that the password is now different, and asks whether it should replace the value you currently have stored with this new value that's magically appeared. If you mistakenly agree that it should, you then have a hash of the password saved, which doesn't work, and have to go through a ridiculously convoluted procedure to reset your password again

    None of this is necessary, as the connection is secured by TLS in the first place
    That it utterly ridiculous. What kind of programmer thought of this bollox. Was it one of you lot ? This is a story that you usually find in coding horror and not a production banking website!
    Vote Corbyn ! Save this country !

  6. #26

    More fingers than teeth

    OwlHoot is a fount of knowledge

    OwlHoot's Avatar
    Join Date
    Jul 2005
    Posts
    14,857

    Default

    Quote Originally Posted by NickFitz View Post

    When I was in hospital the other year I had terrible reception, but wanted to pay my VAT bill the night before I went under the knife, just in case. ..
    Are you saying that paying a VAT bill was potentially the most important last task you had to do in this life?

    Sort of reminds me of Henry Royce's (cofounder of Rolls Royce) reputed last words "I wish I'd spent more time in the office"
    Work in the public sector? Read the IR35 FAQ here

  7. #27

    My post count is Majestic

    NickFitz has reached the peak. Play again?

    NickFitz's Avatar
    Join Date
    Jun 2007
    Location
    Your local branch
    Posts
    51,645

    Default

    Quote Originally Posted by OwlHoot View Post
    Are you saying that paying a VAT bill was potentially the most important last task you had to do in this life?

    Sort of reminds me of Henry Royce's (cofounder of Rolls Royce) reputed last words "I wish I'd spent more time in the office"
    There isn't much to do in the Coronary Care Unit, so I figured I might as well pass the time sorting out various odd bits like that so nobody else would have to deal with them if things didn't turn out as planned

  8. #28

    Super poster

    Andy2 's job has never been outsourced


    Join Date
    Jul 2007
    Posts
    2,169

    Default

    Quote Originally Posted by fullyautomatix View Post
    That it utterly ridiculous. What kind of programmer thought of this bollox. Was it one of you lot ? This is a story that you usually find in coding horror and not a production banking website!
    I suspect suity has joined CA

  9. #29

    Godlike

    jamesbrown is a fount of knowledge

    jamesbrown's Avatar
    Join Date
    Dec 2011
    Posts
    9,527

    Default

    Quote Originally Posted by Andy2 View Post
    I suspect suity has joined CA
    As a coder.

  10. #30

    Nervous Newbie

    The Butcher has no reputation


    Join Date
    Jun 2015
    Posts
    7

    Default

    It's absolute dog poop
    Also looks like they've removed the .ofx export file format - its only .csv now and it's not compatible with my accountants web site.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •