Clank <clank75@googlemail.com> wrote:
On 07/03/2026 00:55, Recliner wrote:
Charles Ellson <charlesellson@btinternet.com> wrote:
On Fri, 06 Mar 2026 22:01:46 +0000, Mark Goodge
<usenet@listmail.good-stuff.co.uk> wrote:
On Mon, 2 Mar 2026 14:11:59 -0000 (UTC), Tweed <usenet.tweed@gmail.com> >>>>> wrote:The "lost password?" process sometimes gets round that. A couple of
It has always been possible to reserve seats on the GWR website for almost
any TOC that offers reservations. You don?t need to hold a ticket to make
the reservation (though obviously you do to travel). The GWR website has >>>>>> undergone a revamp and it took me ages to find the correct page again. So
in case this helps others:
Firstly you need to be signed in via the icon at the top right of
www.gwr.com (the green circle)
Then go to
https://www.gwr.com/myaccount/my-trips
There you should see a Make A Reservation button
Well, I have no need to travel in the immediate future, but I thought I'd >>>>> check it out anyway.
I tried to log in, and it gave me a "Please enter a valid email address" >>>>> error. My assumption was that my account didn't carry over from the old >>>>> version, so I went to register a new account. And got an "email already >>>>> exists" error. So I can't register, and I can't log in.
sites where I have had that were ones which hadn't been used for some
time and which had introduced 2FA while I was away but no longer put a >>>> setup link on the login page, instead just giving no apparent
reaction.
Yes, that usually works.
When a service provider *forces* the lost password method (like this),
it's often a sign that they've changed technology provider - and the new
provider supports a different password-hashing mechanism (since password
hashes are one-way, it's impossible* to "unhash" the password from one
provider and then hash it again with the new one.)
So it is indeed a lost password - it's just that they have lost it, not
you :-).
The alternative explanation is they have decided to upgrade the password
hashes themselves for better security (e.g. they used to use MD5, and
now they are upgrading to SHA-512.) Again, they can't actually
'convert' the passwords, though.
There are better ways of handling this scenario from a UX perspective -
typically, what you do is record the hash algorithm in the password
table. When a user with a password hashed in the old way logs in, after
you've verified it you then take advantage of the fact you have the
actual password 'in hand', re-hash it with the newer algorithm, and then
update their record in the database. So over time, as users log in,
they get seamlessly upgraded to the new algorithm in the background.
This does take a small amount of effort though, and IT departments and
systems integrators are lazxy, so "fuck it, just delete them all and
tell them to reset their passwords" can often win...
* computationally infeasible to do for a whole database, more accurately
And there are failure cases where a weaker hash algorithm allows a
collision - you can?t guarantee that the password you?ve unhashed is
actually the one the user typed.
In message <chkmqkh9uhh4ilbsnp351ncarhctrfo2nb@4ax.com>, at 22:22:42 on
Fri, 6 Mar 2026, Charles Ellson <charlesellson@btinternet.com> remarked:
On Fri, 06 Mar 2026 22:01:46 +0000, Mark Goodge >><usenet@listmail.good-stuff.co.uk> wrote:
On Mon, 2 Mar 2026 14:11:59 -0000 (UTC), Tweed <usenet.tweed@gmail.com> >>>wrote:The "lost password?" process sometimes gets round that. A couple of
It has always been possible to reserve seats on the GWR website for almost >>>>any TOC that offers reservations. You don?t need to hold a ticket to make >>>>the reservation (though obviously you do to travel). The GWR website has >>>>undergone a revamp and it took me ages to find the correct page again. So >>>>in case this helps others:
Firstly you need to be signed in via the icon at the top right of >>>>www.gwr.com (the green circle)
Then go to
https://www.gwr.com/myaccount/my-trips
There you should see a Make A Reservation button
Well, I have no need to travel in the immediate future, but I thought I'd >>>check it out anyway.
I tried to log in, and it gave me a "Please enter a valid email address" >>>error. My assumption was that my account didn't carry over from the old >>>version, so I went to register a new account. And got an "email already >>>exists" error. So I can't register, and I can't log in.
sites where I have had that were ones which hadn't been used for some
time and which had introduced 2FA while I was away but no longer put a >>setup link on the login page, instead just giving no apparent
reaction.
I recently bought a handheld gadget from eBay to take credit card
payments off non-goatherder customers I might meet at car boot sales
etc.
Needs to be registered (fair enough) but I've not yet solved the deadly >embrace where it says my password (which works on my laptop) is invalid.
And when I do password recovery, which as a side effect confirms I am
using the correct email address, says that the new password doesn't work >either.
On Sat, 7 Mar 2026 08:52:47 +0000, Roland Perry <roland@perry.uk>
wrote:
In message <chkmqkh9uhh4ilbsnp351ncarhctrfo2nb@4ax.com>, at 22:22:42 on >>Fri, 6 Mar 2026, Charles Ellson <charlesellson@btinternet.com> remarked: >>>On Fri, 06 Mar 2026 22:01:46 +0000, Mark Goodge >>><usenet@listmail.good-stuff.co.uk> wrote:I have had that where they haven't bothered to mention on the "lost
On Mon, 2 Mar 2026 14:11:59 -0000 (UTC), Tweed <usenet.tweed@gmail.com> >>>>wrote:The "lost password?" process sometimes gets round that. A couple of
It has always been possible to reserve seats on the GWR website for almost >>>>>any TOC that offers reservations. You don?t need to hold a ticket to make >>>>>the reservation (though obviously you do to travel). The GWR website has >>>>>undergone a revamp and it took me ages to find the correct page again. So >>>>>in case this helps others:
Firstly you need to be signed in via the icon at the top right of >>>>>www.gwr.com (the green circle)
Then go to
https://www.gwr.com/myaccount/my-trips
There you should see a Make A Reservation button
Well, I have no need to travel in the immediate future, but I thought I'd >>>>check it out anyway.
I tried to log in, and it gave me a "Please enter a valid email address" >>>>error. My assumption was that my account didn't carry over from the old >>>>version, so I went to register a new account. And got an "email already >>>>exists" error. So I can't register, and I can't log in.
sites where I have had that were ones which hadn't been used for some >>>time and which had introduced 2FA while I was away but no longer put a >>>setup link on the login page, instead just giving no apparent
reaction.
I recently bought a handheld gadget from eBay to take credit card
payments off non-goatherder customers I might meet at car boot sales
etc.
Needs to be registered (fair enough) but I've not yet solved the deadly >>embrace where it says my password (which works on my laptop) is invalid. >>And when I do password recovery, which as a side effect confirms I am
using the correct email address, says that the new password doesn't work >>either.
password" page what has to be in or not in the password and how long
it has to be.
| Sysop: | Jacob Catayoc |
|---|---|
| Location: | Pasay City, Metro Manila, Philippines |
| Users: | 5 |
| Nodes: | 4 (0 / 4) |
| Uptime: | 119:55:14 |
| Calls: | 125 |
| Calls today: | 125 |
| Files: | 489 |
| D/L today: |
859 files (365M bytes) |
| Messages: | 76,577 |
| Posted today: | 26 |