Warning: Use of undefined constant SCRIPT_DEBUG - assumed 'SCRIPT_DEBUG' (this will throw an Error in a future version of PHP) in /homepages/42/d89576731/htdocs/ydliu/wp-includes/formatting.php on line 4144

My Internet Notebook

a journal on software, mobile, marketing

Increased Security but Blocked My Login

leave a comment

I was trying to login to one of my online brokerage account but got the dreaded ‘invalid password’ error. Did I become the latest victim of identity theft – someone stole my login and changed my password without my knowing? Out of panic, I started dialing the 800 service number. After 5 minutes on the phone with a rep, I figured out that they changed the password security policy in the last couple of weeks during which I never logged in. My original password was only 6 digits long, but now they require minimum of 7. Ouch!

As a professional in software testing, I think there are a couple of lessons learned here.

First and foremost, communication failure. I don’t recall there were any communication that eluded to the new policy and asked me to login and change my password. This is one of the biggest online broker and just went thru a merger. I can see how this failure could happen in such a situation.

Secondly, their web development / testing team should have tested this scenario where logging in with an old password should be allowed and prompted to change the password to abide by the new policy.

With either of the above implemented, they could have saved the 5 minutes of their reps’s time and avoided a valued customer’s frustration.

As the enterprise software also moves to the SaaS (Software as a Service) model, I can see how we could run into these similar issues again and again.

Written by Y.

January 26th, 2006 at 12:59 am

Posted in Internet,Testing

Leave a Reply

You must be logged in to post a comment.