The Channel logo


By | John Leyden 26th October 2010 14:27

Sage Pay upgrade glitch forced poor password picks

Odd spacial character snafu causes confusion

Payment provider Sage Pay is investigating a weekend upgrade that resulted in a minority of users being obliged to adopt a less secure password that only contained alphanumeric digits.

The issue was brought to our attention by a number of Reg readers who told us the upgrade "knocked off users who use special characters in their passwords". In addition, one told us that surfers who used IE were advised to switch to Firefox to use MySagePay.

Sage Pay, which bills itself as the largest independent payment provider in the UK and Ireland, disputes this latter point while acknowledging that a small number of users were inadvertently inconvenienced by the upgrade. It has promised to mount an investigation.

Mat Peck, head of R&D at Sage Pay, explained: "Over the weekend, we upgraded our Sage Pay infrastructure, so that transaction processing is not only even more resilient, but also half a second faster per transaction.

"Following feedback from over 3,000 customers in the Spring, as well as focus groups, tech previews and a test site that has been live since the beginning of October, this upgrade has also added more functionality to My Sage Pay.

"We’ve also included a new API-based system to allow customers to reconcile transactions with their own back-office systems if they wish to do specialised reporting."

The upgrade process failed to slot into gear for an unspecified minority of Sage Pay users. "It’s been a huge project and we are really sorry that a small minority of our 32,000 customers have been affected by this weekend’s upgrade," said Peck.

"We don’t know why the customer you referenced was asked to change their login credentials to just letters and numbers, as we do allow some special characters in passwords and these have remained consistent since before the upgrade this weekend. We have started an investigation into why this happened."

Peck said that users were asked to upgrade IE 6 - to later versions of the browser or Firefox - and not advised to ditch Microsoft's market-dominant browser software.

"With regards to your point about users being asked to use Firefox instead of IE, that’s not quite true," Peck explained. "We have asked all users to upgrade from IE 6 for their own security. However, for those that cannot, we have advised they should use Firefox instead."

Our contact in the Sage Pay user community said he was already running IE 8, so either support staff are giving out incorrect information (always a possibility) or an awkward browser compatability problem not identified during the beta testing of the update has emerged.

Sage Pay developers are committed to "resolving any outstanding issues" and ensuring the successful upgrade, Peck added. ®

comment icon Read 12 comments on this article alert Send corrections


Andrew Cobley

If only lawyers could make money rather than costing money

Chris Mellor

Execution warrant close to being signed for Fink's folly
Woman cuddles 'sly-looking' Fennec fox. Photo by Shutterstock
Cartoon of employee asking wky boss makes hium wear suspenders (while pincer through open trapdoor remains poised above his head) illustration by Cartoon resource for Shutterstock

Frank Jennings

It's not like my boss painstakingly nurtured the contacts, right?


Wind turbine, image via Shutterstock
Girl and computer, photo via Shutterstock
Middle-class terror of engineering also part of problem
Nerd fail photo via Shutterstock