Monday, 4 June 2018

Companies Need to Realise Email Addresses Actually Change!

Companies need to realise email addresses actually change. Yes, really! After a couple of decades using an email address tied to a website that I ran I sold the website and had to  cope with changing my email address with numerous company websites. Fortunately I had them all listed on a spreadsheet, together with usernames and passwords, etc. Even if it had been a straightforward matter of going to each website, locating the contact information, changing it, logging out, then logging back in again to make sure it had really changed, this alone would have been a mammoth task. Trust me, the number of sites I'm talking about is well into three figures! But that would have been easy - IF the websiste owners actually catered for someone trying to do something so dastardly and inconsiderate as changing their email address. 'How dare they!' seemed to be the general attitude.

Here are SOME of the problems I encountered, and this is not even an exhaustive list!
  • Some sites used email addresses as usernames as well. This means that even if you manage to change the email address for communications, you are forced to use the old email address to logon. (Never  good idea for organisations to have the same information in more than one location. Asking for trouble - ie a human interface. This is what databases are for: one location for one piece of information so it only needs changing once!)
  • Some sites allowed you to change the contact information except, when you logged out and back in again - it was stuck on the old information. (Waiting a week or so to see if a human was involved never seemed to bear fruit!)
  • Some sites had NO PROVISION to change the email address at all! (Data protection, folks! Are you going going to send data to the wrong people because you cannot be bothered to sort the problem out?  Couple this with the tendency to avoid giving any contact information and you reall run ito problems. Both the user and the data protection defaulting website owner.)
  • There are sites which actually name your account after your email address. For example, Microsoft, no less, do this and, although I successfully changed my email address and deleted my old email address in my profile, the account name is still named after my old email address! (How weird is that for one of the world's biggest companies?) 
  • Travelodge already knew my new email address and their alternative one. So that prevented me adding it as my primary one. But it is not possible to delete the primary one - or make it the same as the alternative one. So this is a Catch 22 situation. No way to change it without personal contact - and past experience at doing this is that it is not worth the hassle. Easier to open a new account! You see? Even the big players make changing your email a nightmare!
  • Some sites asked you to contact them to change things - then did not respond (or maybe responded you an old and invalid email address.
  • Some sites manage to  communicate with the new email address but still also sent copies (or ALL communications)  to the old email address - and a new owner of the domain, hence going against new data protection requirements be disclosing private data. (Data protection, folks)
Given that some of the sites involved intensive security measures to be undertaken it felt like the Krypton Factor to undertake a few hours of this work.

I'm not just talking about the little guys here. I've had troubles with Amazon, Npower, Accor Hotels, Autotrader, and other big names.

Are website owners aware of the huge fines they can face for infringing data protection requirements now. So: HELLO! EMAIL ADDRESS CAN CHANGE!

So, bottom line. WEBSITE OWNERS: PLEASE ALLOW USERS OR CLIENTS TO CHANGE THEIR EMAIL ADDRESS ONLINE. OK, sure, there are security issues. But knowing the security answers should allow users to prove themselves. The hurdles are generally quite high already where it matters.

Guys, get your acts together!

1 comment: