Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Sunday September 25 2016, @10:27AM   Printer-friendly
from the HA-HA! dept.

I always find the various authentication experiences to be more annoying than reassuring, but until now I've always managed to defeat whatever bizarre scheme a web site has created.

Yes, I'm fan of "Reset Password."

Microsoft though has stopped me dead by refusing me access to an outlook.com [account] even though I have the email address and password.

About three years ago someone established an outlook.com email for an organization. They passed the login info on to me. I subsequently just accessed it via Gmail for the next two years.

Today I tried to log in to outlook.com make some changes. They apparently feel that I am not who I say I am and demand some kind of "authentication."

After a half an hour of repeatedly submitting "Verification Forms" (Names, Birthdate, City, Postal Code, Captchas, Previous passwords....," entering numerous PINs, and generally jumping through hoops, I have concluded that I will never ever access this account again.

Best of all the email quoted below offers no way that I can appeal this to some kind of living being.

Is this the worst authentication disaster ever? Is there any logical reason why you would make it impossible for your customers to ever recover an account?

[Continues...]

We recently received a request to recover your Microsoft account *****@outlook.com. Unfortunately, our automated system has determined that the information you provided was not sufficient for us to validate your account ownership. Microsoft takes the security and privacy of our customers very seriously, and our commitment to protecting your personal information requires that we take the utmost care in ensuring that you are the account owner.

Please submit a new account verification form

At this point, your best option is to submit a new form with as much accurate information as you can gather. The more information you can include in the form, the better the chance you'll have of regaining access to your account. We've included a few tips below to help you fill out the form as completely and accurately as possible.

> Submit a new form

Helpful tips for filling out another form:

Answer as many questions as you can.
Use the information you provided when you created the account, or last updated it.
Submit the form from a computer you frequently use.
You will be asked to list recently used email addresses and the subject lines from recent emails. Ask for help from family members, friends, or business contacts to confirm their email addresses and tell you the subject lines of the last three emails they sent you.
Make sure to use the correct domain for your account, such as hotmail.com, live.com, or outlook.com. Keep in mind that your email address may be country specific. For example, if you created your account in Sweden, your domain would be "hotmail.co.se" rather than "hotmail.com".

Ready?

> Submit a new form

Thank you,
Microsoft Support Team

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
USA


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Touché) by Appalbarry on Sunday September 25 2016, @06:24PM

    by Appalbarry (66) on Sunday September 25 2016, @06:24PM (#406338) Journal

    That's exactly it, although I'd add that trying to recall what "security" question answers I provided on my own accounts can be a real challenge, especially when most of them demand information that I'd already forgotten twenty years ago.

    The twentysomethings in Silicon Valley seem to be incapable of understanding that a raft of questions about what you were doing at age twelve might be useless to anyone over the age of say, forty.

    And a question like "Favorite TV Show" might be out of date and forgotten a year later.

    They're creating a situation where the only way to ensure continued access to your account - especially with seemingly random demands that you "authenticate" yourself - pretty much requires you to write down all of the various answers somewhere. Or email them to yourself because slips of paper just don't work.

    Thinking about all of this, I suspect that the number of email, forum, and website logins that I've just abandoned over the years probably exceeds the number that are still active.

    Globally we must be looking at millions or billions of dormant accounts sitting on servers, consuming resources. Relying on a phone number, or an IP address as proof that you're real is really pretty pointless in an age when people access web based services form multiple machines, in multiple locations, in multiple countries.

    Back to the central point though, if your company is going to force me to jump through all of these faux security hoops, you better give me a way to resolve problems when they don't work.

    Ironically, I don't have to worry about the big Yahoo user info dump last week, because I had already been locked out of anything Yahoo a few years ago because of the same problems.

    Starting Score:    1  point
    Moderation   +1  
       Touché=1, Total=1
    Extra 'Touché' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3