I initially went with this site for our credit counseling because they seemed the most serious about collecting the information they would need in order to actually help us with our credit situation. It was later pointed out to me that perhaps giving them all of our credit card numbers was not the greatest idea, because who knows what they might do with them -- but then I realized I hadn't given the expiration dates, so they would not be able to use those numbers to assess any charges without any outright fraud (they would have to guess the expiration dates, and could not claim that we had authorized any charges).
It was after sending this in (which I did on 2009-03-27) that they began to annoy me.
- First, their caller ID shows only "800 service" and the phone number, so I missed their initial call-back.
- Next, I realized that I should have given them our other phone number, which can be picked up after the voicemail kicks in (it's an answering machine rather than the phone service's voicemail), so I tried to update the phone number.
- The web site allowed me to log in and see what information I had already given them, but would not let me change it.
- They do have a live chat application (almost but not quite as bad as having to phone), so I clicked on the link and signed in -- only to be told that no chat representatives were available (what are the days/hours?), so please leave a message. Okay, I figured, that's as good as sending an email, so I sent a message asking (1) could they use this other phone number instead the next time they call, and (2) what's the best way to authorize them to speak with me instead of Harena (since she's the official applicant and I'm not)? There was no response (or even an acknowledgement that my message was received), and they continued to use the old number.
- Just now, about two weeks later, I tried to log in again, and the site claimed that my user/password was bad.
- Alarming technical note:
- In the "Technical Support FAQs" section which appears when you click on "Forget your logon information? Click here.", one of the FAQs notes that "For security purposes our system locks after too many failed login attempts. Try closing all of your windows and restarting the browser. If this does not work, go into Tools >> Internet Options >> Choose Delete Cookies, then restart your Browser."
- This heavily implies that the system lock depends on the browser's storage of a cookie. This is really stupid. People who hack web sites have total control over their cookies; if failure to retain cookies lets you attempt as many logins as you want, then of course they will turn off cookies in whatever browser software they are using. So hackers are allowed as many login attempts as they want, and legitimate users get blocked.
- Alarming technical note:
In the meantime, we have come up with a probable solution which involves paying off all the cards, so we probably won't need to talk to these guys. I wanted to send them another message (possibly talking with an actual chat representative if one is available) to just hold off for now, and oh by the way did you ever receive the message I sent earlier -- so I'm going to try to access the chat application to let them know this.
I was able to log in with no problems just a couple of days ago. So they have kept our information online for over a year, but I still can't update it or communicate with them.