Megapath DSL sends passwords in cleartext email, other problems
Kevin Dalley
of their service. Megapath sent my first password in the clear. I am
allowed to set up an auxiliary password via a secure web site, but
this password is immediately sent in the clear. As an alternative, I
can have the password randomly generated and have a technician call
with the password. Passwords cannot be modified by users. Though
users may add additional passwords. When I requested a change in the
method which Megapath uses for passwords, I was told that Megapath's
method was fixed. I didn't have a choice.
Access to the password allows access to my name, additional passwords,
address, phone number, customer numbers, original router user name and
password. Access to my email via pop is also allowed.
Email access is only available through unencrypted pop3. The password
and all email is sent in the clear.
When I mentioned the lack of passive ftp access, I was given an IP
address which had passive ftp. This service was canceled within two
weeks.
DSL service took over a month to set up. Either Megapath or COVAD
checked the wrong phone number, but didn't quickly tell me. After I
found out about the wrong phone number, I spent over a week contacting
Megapath before they finally started DSL access for my real phone
number.
On the good side, Megapath did help me to set up my DSL and helped me
with troubleshooting installation problems.
In short, I have not been happy with Megapath. Megapath is not low
end DSL. Megapath should provide service which is compatible which
matches their prices.
--
Kevin Dalley
ke...@kelphead.org