Questions Congress should ask Sibelius.

[Vic Sandler]

Day 46. This morning I tried again. Office_shredder said to change both the username and the e-maill address. Last night I only changed the username. This morning I changed both the username and the e-mail address. It made no difference in the behavior. I get an e-mail telling me the account was created. The e-mail has a link that takes me to a page where I can log in with the username and password that I provided. When I do, it takes me to the following:

Terms & Conditions

So that HealthCare.gov remains accurate and available to you and all other visitors, we monitor network traffic to identify unauthorized attempts to upload or change information or otherwise cause damage to the web service. Use of this system constitutes consent to such monitoring and auditing. Unauthorized attempts to upload information and/or change information on this website are strictly prohibited and are subject to prosecution under the Computer Fraud and Abuse Act of 1986 and Title 18 U.S.C. Sec.1001 and 1030.

To continue, you must accept the terms and conditions. If you decline, your login will automatically be cancelled.

Below this there are two buttons one says "Decline", the other says "I Accept". I have been meditating on why there is a difference in syntax between these two choices when my time would be better spent wondering why they are threatening me with prosecution so early in the game. Clicking the "I Accept" button has no discernible effect. After clicking it, I logged out and back in, but it took me to the same Decline/I Accept page.

One possibility is the db table that holds login information is hosed. That's why I can't reset my password, that's why the decline/accept page doesn't work. Any page that writes to or updates any field in that table is subject to failure. Maybe reads too.
Another possibility is that the connection to the db is not working. Maybe it can't handle more than small number of connections at the same time.
Yet another possibility is that several tables are intertwined in such a way that a lock on a record in one table prevents the smooth operation of records in other tables. My money is on this one.

 

[Borg]

Vic, it's hard to say what the databases look like in your case. I think that the more ways that you try, the more screwed up your account will become. Remember that there are multiple databases spread across 10 or more government agencies and private companies. Each of them likely has their own lockout triggers which probably don't have a central unlocking mechanism.

I know that when I check my credit reports each year, the credit bureaus will lock the account permanently if I screw up any of the questions. I then have to request a password be sent to my home so that I can log in. I wonder what happens on the ACA when this happens? Does a failure through the API result in the same kind of lock in the credit bureau database as a failure through their website? If so, how does your info get unlocked and would the ACA site even notify you that it happened? And this is just one of the many databases that the system interacts with.

 

[russ_watters]

Ah, you're right. I didn't read closely enough. I'll have to wait for a future press conference to announce that delay.

In any case, I still think that the problems are much deeper than anyone is letting on.

No prob. I do have a different take on that last bit though: I'd just say the problems are worse than Obama is acknowledging. That shouldn't be surprising; that is just how politicians are. What I don't get is why they are like that. Obama must know that he's making things worse for himself by letting this slow-motion train wreck play out. Why hasn't he pulled down the website to get it out of the media while it is being fixed? Does he need Vic to troubleshoot the website for him?

 

[Locrian]

What am I missing here? I though the one-year delay was just on the requirements for private policies that were resulting in cancellations? I thought that had nothing to do with the website?

The one year delay for canceled policies is definitely related to the exchange, in that the exchange was supposed to be how those people got new policies. If someone thought the exchange could be fixed in the next week or two, allowing the reinstatement of non-ACA compliant plans wouldn't have been allowed.

To put it another way, the administration has known for two years those plans were closing. That was okay with them because they thought those people could get another policy, and thought they would like it. The broken exchange broke that plan.

 

[Borg]

No prob. I do have a different take on that last bit though: I'd just say the problems are worse than Obama is acknowledging. That shouldn't be surprising; that is just how politicians are. What I don't get is why they are like that. Obama must know that he's making things worse for himself by letting this slow-motion train wreck play out. Why hasn't he pulled down the website to get it out of the media while it is being fixed? Does he need Vic to troubleshoot the website for him?

Lol on that. Seriously though I think that most of the failure has occurred at a much lower level and hasn't been filtering up through the chain of command as it should have. Would Obama have handled it any differently? Probably not. With politicians it always seems to come down to a giant game of CYA.

One case in point for why I think problems are occurring at a lower level is the last minute change that the government requested that all users would have to create accounts and log in before they could see their health options. The system wasn't originally designed to work that way and it was already known that there were issues with the site breaking down with too many logged in users. Somebody had a duty to inform the government that their request couldn't be accommodated in such a short time frame and then it would be the government's responsibility to accept that. Instead, a bone-headed, last minute change to the website was implemented that caused the entire system to function even worse.

I don't know if it was the contractor or the government that failed to do their part in this case but I've seen it happen both ways. Once that occurs, the only thing that is usually heard at the higher levels is that all is well. The fact that it seems to have occurred regularly points to a systemic problem in the way that the contract was handled.

 

[edward]

Day 46. This morning I tried again. Office_shredder said to change both the username and the e-maill address. Last night I only changed the username. This morning I changed both the username and the e-mail address. It made no difference in the behavior. I get an e-mail telling me the account was created. The e-mail has a link that takes me to a page where I can log in with the username and password that I provided. When I do, it takes me to the following:


Below this there are two buttons one says "Decline", the other says "I Accept". I have been meditating on why there is a difference in syntax between these two choices when my time would be better spent wondering why they are threatening me with prosecution so early in the game. Clicking the "I Accept" button has no discernible effect. After clicking it, I logged out and back in, but it took me to the same Decline/I Accept page.

One possibility is the db table that holds login information is hosed. That's why I can't reset my password, that's why the decline/accept page doesn't work. Any page that writes to or updates any field in that table is subject to failure. Maybe reads too.
Another possibility is that the connection to the db is not working. Maybe it can't handle more than small number of connections at the same time.
Yet another possibility is that several tables are intertwined in such a way that a lock on a record in one table prevents the smooth operation of records in other tables. My money is on this one.

If you try to bounce in and out of Pay Pal , changing user names and passwords, you only get three tries, then they block you out entirely until you fax proof of your identification.

They do so because it has the appearance of fraud, or a fraudulent attempt by someone to gain access to your account. At least that part of the ACA website is apparently working.

You shot yourself in the foot by repeatedly trying to gain entry when you knew the website was not working. So now I am wondering how many other people are doing the same thing?

 

[Office_Shredder]

Vic, with regards to the Accept/Decline button, that button did not work for me in google chrome. I had to switch to Internet Explorer to get it to work - this seems to be at least partially a chrome issue for me, as in the past month there have been four or five different websites that I've encountered where I have trouble clicking on things in chrome and have to switch to another browser.

 

[Vic Sandler]

If you try to bounce in and out of Pay Pal , changing user names and passwords, you only get three tries, then they block you out entirely until you fax proof of your identification.

I don't understand what you mean by this. Surely there are legitimate reasons why a person would have more than three Pay Pal accounts, each with a different user name and password. Anyway, I used a different username, password and e-mail. These and my first and last names are the only five pieces of information they had to go on. From that information, how were they able to ascertain that I already had a different account?

They do so because it has the appearance of fraud, or a fraudulent attempt by someone to gain access to your account. At least that part of the ACA website is apparently working.

You don't seem to grasp the mind-numbing incompetence of the website creators. If they were trying to block me out entirely, I'd have gotten my insurance by now.

You shot yourself in the foot by repeatedly trying to gain entry when you knew the website was not working.

Don't blame me, I did nothing wrong. The website is working. 27000 people got through. By what means was I to know that I would not be number 27001?

 

[Vic Sandler]

Vic, with regards to the Accept/Decline button, that button did not work for me in google chrome. I had to switch to Internet Explorer to get it to work - this seems to be at least partially a chrome issue for me, as in the past month there have been four or five different websites that I've encountered where I have trouble clicking on things in chrome and have to switch to another browser.

Actually, I was using Firefox. However, I took your advice and used IE. I got past the Accept/Decline page and a few pages further. With my heart in my mouth, I told them my SS# even though that should have triggered a security alarm. It did not. However, a few pages more it clammed up at the Privacy Policy page. It has a button labeled "Save & Continue". Clicking that button has no visible effect and I am at a standstill. Later, I will try getting past that point using other browsers.

A button that only works on some browsers is yet another reason to question whether the money for this website was well spent. There are differences between browsers and even between different versions of the same browser. The technology to make a web page that runs on all of them exists and is straightforward to implement. But I don't think that technology is necessary for a button.

 

[Vic Sandler]

I went to the site and entered my username. Then I entered the wrong password. Of course, I did not get in. It redrew the login page blanking out the username and password fields. I reentered my username and used a different wrong password. I did this 5 times with different wrong passwords, none of them similar to the correct one nor to each other. It never revoked permission for me to try again. The 6th time, I entered the correct password and got in. Does Pay Pal work like that too?

 

[Vic Sandler]

Why hasn't he pulled down the website to get it out of the media while it is being fixed?

Aside from the negative media exposure, there is another practical reason to shut down the site. Those 834's are coming out wrong. It must be a heavy burden on the insurance companies to have to call each of 27000 customers and verify the information it contains. If the logjam breaks and a flood of applications comes through, it will become prohibitively expensive to verify. They should shut down the site until at least that part of the program starts to work.

Does he need Vic to troubleshoot the website for him?

Technically speaking, I'm more like a beta-tester than a troubleshooter. If I were a real beta tester, I would have a contact to report the bugs to. They would expect me to provide a recipe for reproducing the bug and any error messages that appear. The result would be a bug ticket that would be assigned to a programmer. As far as I know, there is no place for end users to submit that kind of information.

 

[edward]

I went to the site and entered my username. Then I entered the wrong password. Of course, I did not get in. It redrew the login page blanking out the username and password fields. I reentered my username and used a different wrong password. I did this 5 times with different wrong passwords, none of them similar to the correct one nor to each other. It never revoked permission for me to try again. The 6th time, I entered the correct password and got in. Does Pay Pal work like that too?

You only get three tries with Pay Pal. Even this forum limits the number of times you can try to log in with an incorrect password in a given amount of time.

You used different wrong passwords five times?? What exactly was your logic in doing that?

 

[Vic Sandler]

If you try to bounce in and out of Pay Pal , changing user names and passwords, you only get three tries, then they block you out entirely until you fax proof of your identification.

As I said in post #148, I don't understand what you mean by this. I wish you would enlighten me.

You used different wrong passwords five times?? What exactly was your logic in doing that?

I thought maybe you meant that if you try to bounce in and out of Pay Pal, using the same user name and changing passwords, you only get three tries. That is not uncommon in websites and as you pointed out, Physics Forums works that way. So I tried that. That is exactly my logic. Is that not what you meant in post #146?

 

[edward]

As I said in post #148, I don't understand what you mean by this. I wish you would enlighten me.


I thought maybe you meant that if you try to bounce in and out of Pay Pal, using the same user name and changing passwords, you only get three tries. That is not uncommon in websites and as you pointed out, Physics Forums works that way. So I tried that. That is exactly my logic. Is that not what you meant in post #146?

No you tried to log in five times using wrong passwords. Many websites will see that as a Brute force log in attack. After I read that five times with bogus passwords bit it really doesn't matter what PayPal and other websites do.

Is there anything left of your foot after shooting it that many times? Don't bother to ask me what I mean by that. You might consider giving it a break for a while before they come looking for you.

 

[Evo]

Thread closed.