Security Is Essential, But…

[Nigel Graham 2Participant @nigelgraham2]

I apologise if this is thought political but that is not my intention. It is purely about procedures and many commercial companies, especially in finance and telecommunications, are at least as bad.

It is instead an example of the assumptive nature of the types of people providing many goods and services these days, but making their web-sites as awkward, confusing and unhelpful as possible. The web-designers may all be binary characters dwelling in hexadecimal addresses and knowing their Javascript from their Jaffa Cakes, but they know nowt and care less about their non-specialist users. 

 

Who the heck designs these systems these days?

I can reach my GP surgery’s web-site for various services including appointments (I think – I normally telephone). Even for prescription repeat requests, though something’s gone wrong with one of mine and I cannot put it right.

 

Try using the NHS site though, for your own records including test results.

OF course security and confidentiality are paramount but…

My passord failed.

The “Forgotten Password” route failed.

So I tried creating a new account.

 

All went well until it asked me send a mug-shot. HOW?

This the option if you can’t do that:

.

Next step

Prove who you are
You will need to send a photo of your ID and a recording of your face. This extra security check ensures that only you have access to your health information.

You need to complete all the steps before we can save the details you have entered.

1.                              Contact your GP surgery. If you can, contact them without visiting in person.

2.                              Tell your GP surgery that you need your registration details for their online services. The 3 details you need are:

·                                                         Linkage Key (could be called Passphrase)

·                                                         ODS Code (could be called Organisation Code or Practice ID)

·                                                         Account ID

3.                              When you have all 3 details, use your NHS login to access the your NHS account. You can use the 3 registration details to prove who you are instead of sending a photo of your ID

 

So to create an “account” it wants me to log into my non-existent account and enter things I can’t provide, by a process that itself needs what I can’t provide, plus mysterious extra information including an “account” number.

I have no NHS “Account”, any more than as a private householder I have an “account” with Toolstation, nor come to that, with Mickeysoft. At least I can still buy tools.

Without broadband computer (I’m using it now), and that fitted with a camera (which it isn’t), or even a “smart”-‘phone (which I don’t own), I cannot ask the NHS service myself about my own health. With none of those I would not even know the service reputedly exists.

The site does not say if a “selfie” with an ordinary digital camera is acceptable, so I assume not. Leaving me wondering just what I’m meant to do.

 

Do the people who design these systems ever consider the users?

Do they ever consider that there are people – by no means only those polishing their clogs – genuinely unable to do any of this?

But…

… Might the problem be more fundamental?

The Internet supposedly is to make things more efficient. Yet is it now so dangerously insecure that organisations have to protect themselves and their “clients” by making legitimate access and use increasingly difficult, exclusive, even impossible?

I want personal security but shouldn’t need an IT Degree in IT and MI5 career to request simple information about ME!

 

L

 

[Dave HalfordParticipant @davehalford22513]

Have a passport if not Tough!

 

Me To

 

But it might keep the Russians out.

[BazyleParticipant @bazyle]

Don’t fret, Arti farcical Intelligence is on the case (see other thread 🙂  )

[Nigel Graham 2Participant @nigelgraham2]

Indeed Dave!

They’d probably learn more about me than I could myself from t’Internet.

(“Ivan Ivanovitch, do we know what UK classified submarine systems his CAD designs are for?

“Nyet, yet, but he’s taking tablets for something!”)

 

My passport expired some years ago now. I’m not going to renew it. Last time I needed it was to fly from Bristol to… Glasgow.

 

The whole farago came from friends trying to persuade me I “need” a “smart”-‘phone, including for things like medical test results and NHS advice. Although we in our immediate sexagenarian / septagenarian circle joke about our ages, ageing and ailments, and mine are not too serious I hope, one is controlling prostate cancer. So theirs is a serious suggestion.

 

It used to be far simpler to do what should be simple things, even with necessary precautions for confidentiality, etc. Never mind “AI” – it seems fewer and fewer things are allowed to use basic human intelligence and initiative.

Whilst we’ve had millenia of knowing humans are fallible, the digital alternatives are really not that much better; perhaps because although they do not make numerical mistakes themselves they still need fallible human designers, administrators and data inputters.

 

I could, probably, still telephone my health-centre, answer a few basic identity questions correctly and be told by the receptionist if a test is clear or not. Indeed, no contact from there normally means I need not worry.

Yet using the NHS system to avoid clogging up a busy surgery’s reception, is impossible without the costly equipment and contracts as owned by my friends who also have the skill to use it, and who suggested I use too.*

From this PC on a broadband service, the NHS site should be no harder than logging onto here: name, password, but also, for higher security the receptionist’s simple Id-match questions and own NHS Number.

 

(No photos of American streets though!)

 

*(They’d also tried to persuade me to join their little ‘Whats-App’ group; but I learnt that service is made for a certain brand of “smart”-‘phone, not a PC; and as with the NHS site, registration needs certain inputs I cannot give.)

[duncan webster 1Participant @duncanwebster1]

What’s app works fine on a PC, as well as Android or Apple phone.

[peak4Participant @peak4]

This page explains quite well how to set up an NHS account, on a computer, even without an ID.
It’s actually an excerpt from a package designed for volunteers who help others set up accounts.

https://digital.nhs.uk/services/nhs-app/toolkit/help-your-community-use-the-nhs-app/volunteers-guide-help-someone-set-up-their-nhs-app/setting-up-an-nhs-account

Re Whatsapp, I use it on a PC more than I do on a smart phone, though the way mine is set up, it does require my android smart phone to verify the PC account; I have it as an Opera browser extension, though it can be done via a stand alone web page.
See also https://web.whatsapp.com/ but it might require a smartphone to set it up.

Similarly I mainly use texting via my PC. https://messages.google.com/web/conversations

My own GP’s surgery prefers me to use something called Patient Access; most of that seems to be about selling some form of private healthcare, so I largely decline. https://www.patientaccess.com

Bill

[John HaineParticipant @johnhaine32865]

WhatsApp identities are essentially phone numbers and it uses the SIM security for access control.  So you need a smartphone to sign up. But from what I recall the sign-up is made very easy. Though owned by Meta so far they have not enshittified it too much. I set up 2 WhatsApp groups in the village during the pandemic and they are both going strong still and are used a lot by young and old. Also it’s an essential family glue for us now.

[Nigel Graham 2Participant @nigelgraham2]

Peak4 –

Thank you for that link.

The NHS “account” wants certain details available from the surgery, if you can’t use photographs; but its instructions are so poor they create a confusing circular argument.

I have an appointment there next week so will try to sort this out, as well as the faulty prescription.

I take two medicines ordered in two-monthly batches. One, probably the more important, is correct. The other orders far less than the dose rate totals, and I have not been able to have it put right.

….

and John –

That bears out what I thought: WhatsApp needs a “smart”-‘phone whatever you use it on. I’d hoped it could be installed directly on a PC on a broadband phone & Internet service, but it is not really designed for that.

I don’t have a “smart”-‘phone.

Nor particularly want one; from experience a few years ago.

[SillyOldDufferModerator @sillyoldduffer]

Yup, me too.   My example is a tech company who want me to set up an account before letting me download their config tool or read their documentation.   Fair enough, except they’ve added an additional authentication layer that makes their security stronger than my bank!    As far as I can tell, neither I or the tech company need this level of security.  It’s like storing cat food in Fort Knox.

Three options provided, all requiring a smart-phone, which I don’t have or need for anything else.  One method claims to authenticate from a web browser, but doesn’t.  Arrgh!

I suspect someone said “hey boss, we can improve security and it costs us nothing”.  Boss agrees, not realising the extra protection is unnecessary and that it annoys or stuffs up some customers completely.

Wouldn’t worry my techy nephew: he has a smart-phone.  Failing to keep up with technology is a problem.  The world assumes, correctly, that most people are up-to-date, and I’m increasingly joining the group who have fallen behind…

🙁

Dave

[jaCK HobsonParticipant @jackhobson50760]

I think you are now an ‘edge case’ that is not economically viable to support:

1) you don’t seem to think you have any way of getting a digital photo uploaded to the site

but

2) you want to use the internets for checking up on very sensitive personal details.

 

I have sympathy with both sides of the situation.

If it helps, I think you could use any recent digitised photo of yourself. Doesn’t matter how it is obtained so long as it is recent and in a suitable format, and you can get it onto your computer.

[Nicholas FarrParticipant @nicholasfarr14254]

Hi, each to their own, but I don’t know why people are so objectionable to Smart phones as if it’s the plague or something, there are many tariffs available from monthly connection payments, to a full time contract at different amounts of mobile data connection, and you can get them from fairly basic, to those with all the bells and whistles. you can disable included apps that you don’t require, and you can get those that have security built in, but you can usually install security on them yourself on those that don’t have it built in. I’ve used mine a few times over the years to call my breakdown service, when I’ve been in the middle of nowhere. Things like location can be switch off, and you very often find a do not disturb button, or you can just turn it off if you don’t what anyone to call you at particular times, and of course you can connect to the internet from just about anywhere. No one can force you into joining a group, or make you receive video calls if you don’t want them, and you can ignore telephone numbers that you don’t recognise or trust. No I’m not trying to force anyone to have one, and mine isn’t attached to my ear, but I do find such things as reminders and alarms that are on them when needed very useful. There are very many people that don’t even use a landline anymore, ever, one of which is a sister of mine.

Regards Nick.

[Nigel Graham 2]

On 11 January 2026 at 21:50 Nigel Graham 2 Said:

 

Who the heck designs these systems these days?

 

I can reach my GP surgery’s web-site for various services including appointments (I think – I normally telephone). Even for prescription repeat requests, though something’s gone wrong with one of mine and I cannot put it right.

Agree entirely with the first point. It is far too common for IT systems or all forms to be developed without standing in the shoes of the person that will use them to understand the ease and effectiveness in use.

As for the eNHS….. I can send a message to my GP surgery but…. only when the surgery is open. The logic of that has always baffled me. True, I can obviously only phone and speak to someone at the surgery when they are open. So it seems that in providing an electronic messaging channel they have simply provided support for an alternative media but essentially replicating phone contact. Woeful!

Andy

[John Haine]

On John Haine Said:

I set up 2 WhatsApp groups in the village during the pandemic and they are both going strong still and are used a lot by young and old. Also it’s an essential family glue for us now.

That’s heartening to hear since so many of the “community spirit” advances that seemed to result from the pandemic seem to have dissolved as quickly as they emerged.

Andy

[Bill PhinnParticipant @billphinn90025]

“My passord failed.

The “Forgotten Password” route failed.

So I tried creating a new account.

All went well until it asked me send a mug-shot. HOW?

This the option if you can’t do that:”

The same thing happened to me recently, Nigel. I just gave up on it as a bad job, not because I wouldn’t have been able to upload a mugshot to them if I’d really wanted to but because I fundamentally objected to doing so.

 

“ As for the eNHS….. I can send a message to my GP surgery but…. only when the surgery is open. The logic of that has always baffled me.”

The “logic”, Andy, is that keeping the message line open outside surgery hours results in too many requests to triage next time the surgery opens. Since they cannot safely triage more than a certain number of requests per day, they just triage excess requests out of existence by closing the message line outside surgery hours.

 

[Grizzly bearParticipant @grizzlybear]

Booking a blood test in the stoke on trent area is brilliant. (Online).

The downside to it is a round trip of18 miles. Our surgery is half a mile away, easy walking distance.

They will not do the test there unless the request comes from the surgery.

The biggest pain to me is the AA motoring, followed with anything that starts with British …….

Bear..

[Nigel Graham 2Participant @nigelgraham2]

Jack-

I am perfectly capable of putting a digital photo on my computer, thank you.

The web-site did not give any artistic or technical specifications though, and in fact I think the facility itself did not exist. Like Whatsapp and many other things, it was built on the assumption of using a “smart”-‘phone.

 

The person details are about what’s happening inside me! They are my insides! So I want and am very pleased that the health-centre does take confidentiality safely, but unfortunately their system appears built on “now we all” assumptions making life very difficult if you don’t quite fit the designer’s database-mind.

;;;;

 

I was not against using Whatsapp if it enables joining a small circle among my friends; but it cannot be installed on a broadband PC unless you have a suitable ‘phone so may as well install it on the ‘phone… at more expense. I might be more amenable to a “smart”-‘phone if it can be used on PAYG. I know you don’t need pay £oodles-of-100s for one, and serviceable ones are available second-hand, likely thanks to the fashionistas. I rarely pay more than £30 a year for using the portable phone I have.

My wariness of so-called “smart-‘phones stems from having one for a few months: heavy, clumsy, bulky, difficult to use even for basic telephony. I missed calls, couldn’t reply to others, etc.; and it was bundled with an expensive land-line contract needing me move from BT. The upshot was staying with the latter for my broadband service but at a much cheaper rate; and reverting to a simple portable phone costing under £40/yr at most.

I sold the “dim”-‘phone to my sister.

[Nicholas FarrParticipant @nicholasfarr14254]

Hi Nigel Graham 2, my brother only has a PAYG, mobile, and he has no trouble using Whatsapp on his.

Regards Nick.

[BazyleParticipant @bazyle]

I suppose one of the problems is that a person’s name is not unique, and can be faked. Even a passport number or Nat. Insurance number can just be invented or purloined. An extra email can be obtained by anyone in minutes without checks.
A mobile phone number is fairly strongly linked to a device and hence a person. Yes they can be faked and stolen but that is rather quickly reported by the victim. The most solid system might be a landline and modem  (modems using ADSL are strongly digitally  linked to the actual bit of wire they are connected to and don’t even work if you take them next door). So a number of systems base all their identification on that phone number  rather than just registering against an email like this forum – any of us on the forum could be Putin in disguise.

On Tuesday my village whatsapp group kept me informed about the progress on fixing the power lines after the gales. This morning my street whatsapp group supported a woman who thought she had an intruder at 1am and turned up a security camera picture of a policeman checking things out. Both my ME clubs have whatsapp groups to answer machining queries and confirm meetings etc. A church group advises me of free meals and cake. The Mens’ Shed group mostly confirms who is getting the milk. An finally my family whatsapp keeps us in touch over 3 continents.

I think for the initial registration of whatsapp you might need a smart phone but could temporarily put your sim in a friends phone to do that before moving it back to a dumb phone.

Just had another whatsapp message at 11:57 – Ash tree down at the end of my road next to the tree that came down on Tuesday. So road probably blocked but amazingly power and internet still up though they will cut it for the repairs sometime. However it gives me a chance to fill thermos for breakfast just in case.

[duncan webster 1Participant @duncanwebster1]

My android cost £150, refurbished. I pay £8 per month to giffgaff for more phone calls and data than I could possibly want. It does everything I need and more. Before the family nagged me into it I was sceptical, but now I’d miss it. I must admit that when I bought a new PC with W11 and it wouldn’t talk to my old Huawei phone I was more than a little annoyed.

It isn’t necessary to havd the latest iPhone, they seem to last for years, just have to charge more frequently as they get old.

[Author]

Posts