Fecking NSANDI have made premium bond online even more difficult

Andrew snipped-for-privacy@mybtinternet.com posted

FIrst I've heard of this. Strange that they haven't announced this in an e-mail mailshot.

In message <thki0c$1ac8$ snipped-for-privacy@gioia.aioe.org>, Andrew snipped-for-privacy@mybtinternet.com writes

er. They still send me an e-mail inviting prize checking by entering my holders number.

My second £75 this year. Rate must have gone up:-)

£150 for the missus and £100 for me - both got our first ever 100's!

no Idea what you are talking about but you deserve it

It's all there on the website

financial institutions are having to do it: it's for our protection, don't you know... I think you can have 3 phone numbers registered on an NS&I online account, so that's a choice of landline and mobile (if you have either and/or reception etc) Arguably, NS&I's implementation of two-factor authentication is clunky, and their "registered devices" method is flawed.

NS&I increased the prize rate recently to 2.2%

I suppose if you don't like NS&I's service you can always put your money elsewhere.

They are obliged to implement TFA security as a financial institution. It has been coming for ages and banks were a bit behind the curve.

A six digit PIN offers a fair level of security unless it is also your phone number or DOB. They probably can't stop you doing that though.

A 4 digit bank card PIN is a lot less secure once you remove all of the ones that it won't let you have.

IHG actually got hacked recently through using qwerty1234 ! (you would think they knew better)

For the smart phone there is a NS&I prize checker app just for premium bonds. Set up your details once and afterwards it justs opens up for you to check you prizes.

Which to my mind makes the whole 2FA thing completely pointless! Most bank phone apps do the same, all you need is your 'phone, nothing two factor about it at all as the thing transfers the confirmation code (or whatever is needed) automatically from the phone messaging to the banking app.

I'd complain to them about making reasonable adjustments myself. Being blind I'm coming up against this two factor rubbish all the time, even registering a sim card on Vodafone means you have to always have a mobile with you that was used to create the account. Its madness. Brian

I used to get those emails but they have stopped. Perhaps this is because I have installed their APP on my phone so they assume I don't want the email (which I would have kept had I been given the option). The ability to check your winnings without logging in is still there by entering your PB holders number (and if you know how the check digit algo works you can seen anyones winnings !!, but not who they are).

They have but not as much as 10-year gilt rate :-(

When base rates went down to almost nothing in 2009, the smallest PB prize became £25. Before that the smallest was £50 Jim.

In message <thki0c$1ac8$ snipped-for-privacy@gioia.aioe.org>, Andrew snipped-for-privacy@mybtinternet.com writes

Yes, very annoying but even more so, at least for me, is that, having 'authenticated' my browser, that authentication is lost whenever I clear the cache, which I do more frequently than I log on to the NSI site, so have to go though the whole process again.

OTOH two wins this month, 25+100 :-)

except that there is no need for the extra 6-digit pin. The existing username + strong password + 6-digit OTP should be fine. The additional mandatory 6-digit pin is a pain and they do reject anything that resembles a date, and any sequential sequence, so 784345 is invalid because of '345' !. I tried 4 permutations and all were rejected.

The only reason I can see for this new pin is to keep the phablet brigade happy (because entering a strong password on a phone 'keypad' is very difficult for those with poor eyesight and fat fingers).

I clicked the Chat icon and eventually got through to Nathan who confirmed that 784345 was invalid because of '345' and the new pin was an 'improvement' (but for who ?) but welcomed my feedback.

I did point out that I only used my PC for financial transactions so entering an obscure password of Letters, numbers and special characters is not a problem on a full-size keyboard.

I think they are ignoring PC users and only care about phablet users.

Even worse for you because they assume that everyone can see and operate a touch-sensitive screen.

Andrew

I have, and use, the app but still get the email albeit the email just says you have won and not the amount or any account details.

I hate these OTP. I do all my financial stuff on a PC. Where I can I pay with Credit Card - now tell me - I pay my Council Tax on Credit card, this is to a City Council - why the ff do I need an OTP for that expenditure. Anyone who wants to hack and pay my council tax is welcome to.

Never had a win on my premium bond. 70yrs and counting.

Buy some more. At least £10K worth

I was given ten as a present sixty-odd years ago. Nothing.

Now I have the full fifty thousand and some months I get fifty quid. Some months I still get nothing.

The odds of winning a thousand with one bond, which one might think a not unreasonable hope, are one in over sixty million.

It helps if you live in Surrey, apparently.

Hasn't helped me a lot - £75 total wins since 1961, but I only hold £1,250 worth of bonds. My wife holds £625 since 1967 and she's won £25.