#1: T-Mobile wants me to log into their website to re-enter my expired credit card. The card number remains the same -- only the 3-digit code on the back has changed and the expiration date has updated. They seem to know this -- they are perfectly happy to keep billing the "expired" card, but my $5 per month discount is removed until I update the card.
#2: Their website is a circus to log into. I'm unclear if it's because I'm on vacation out-of-state, using a VPN, or have/had Privacy Badger plug-ins to block the 13+ trackers on their site. In any case, by the time I have turned all that off (and after deleting browser cookies) they either are on alert that I must be an attacker or else their shit just malfunctions.
I begin an endless round of enter email address and password, get sent a 6-digit code by email, enter that code, have to enter my T-mobile phone number (which I never use since this is a 5G home Internet service), get told the "good news" that there is already an account associated with that phone number, then start this same cycle all over again (email, password, 6-digit code...).
#3 So I give up (hoping "attack" alerts will be expired by the next morning) -- nope -- same problem loop as in #2 above. So I call tech support. They want a PIN number I must never have gotten (I ALWAYS write these things down). "No problem" -- they can send a temporary PIN to my router -- if I'm at home to receive it.
#4: So I try online again -- this time with VPN enabled to look like I'm near home. The website starts entirely blocking my ability to access the site at all. Okay... So I turn VPN off. Now I can access the site again, and once again enter the login infinity loop as in #2 above.
Keep in mind all this bullshit is so I can save the $5 per month on an "expired credit card" that they know is not expired since they can keep billing it while I'm not able to login and update the expiration date and 3-digit code!!
Basically a direct debit from your bank account to bypass paying the credit card or debit card network fees. (Debit cards are significantly less to process than credit cards. ACH is “free”, I guess)
This is but one example. It's getting to the point when -- anytime I need to log into an account on a major site -- I must disable VPN, disable Pihole and tracking blockers, and maybe make sure I'm on a home Internet service. If they actually cared about security, the 2FA and long passwords would be enough.
So... I made another attempt at this once I got home from vacation. I turned off all anti-tracking plug-ins. I turned off VPN. I made sure I was connected to the T-Mobile router itself (I have several Internet services -- don't ask...).
Well... It's no longer sending 2FA to my email address to confirm I'm me. I guess that is progress. It still makes me enter my T-Mobile phone number after I enter my email address and password, then happily declares that I have an account! Then I can click on that link to repeat the endless cycle again and again...
So, I'll have to call them. Last time I called them they wanted to send a PIN code to my router for me to read back to them (which I could not -- out of town). Okay -- so I've logged into my router now, and unlike past T-Mobile routers, I see NO PLACE that I can receive text messages... So unless I'm missing something I CAN'T be sent a PIN code to my router....
This should be a fun phone call to tech support.
What they CAN do is continue to bill my expired(?) credit card for an extra $5/month -- even though they don't have the new 3-digit code from the back of the card or the new expiration date. I guess this is good? I have questions.