Skip to main content
Koodo Community
Community
Proposed

How to fix some glaring issues for Koodo's site

  • November 9, 2025
  • 4 replies
  • 82 views
Joshua Chassé

First, I am angry. Took me 2 months to log into koodo.
I had to crawl through these forums to figure out the issue.

Some easy fixes:
1 - Koodo, stop sending bill notifications via text when your site is down for maintenance. I think its happened to me 2-3 times and it is atrocious.

2 - Allow logins from VPNs. Find a better way to weed out bad actors. The fact that I had to search on these forums to figure out that you hate VPNs was a real kick in the nuts. I had spent 2 months trying to log in, reset password and still not be allowed in. The AI assistant goes in circles. Cannot get a callback without logging in. But cannot log in because it says account is locked. Reset password, account still locked. The error is wrong, it is not that the account is locked, it is that I am behind a VPN. So now I had to figure out that I have a killswitch enabled that I need to turn off along with an advanced kill switch to turn off VPNs so I can appease something you need?

3 - Fix your email links. Your password reset email, all the contact us links are 404 errors. You are uncontactable by anyone without an account, and if your account system is broken, then we cannot log in to pay you or contact you. Could not log into the community to post a query.

 

4 - If you are so concerned about VPNs, add 2FA, if that is not ideal in the event that someone might have the phone, then do a google or MS authenticator.

    4 replies

    Dinh
    Forum|alt.badge.img+4
    • Dinh
    • Mobile Master
    • November 9, 2025
    1. Most of the maintenance happens at night time though. It is just part of the process. CRA turns off their website 3 hour/day as well.
    2. Do you have any good suggestion to defend bad actor who is using VPN from foreign countries? 
    3. Can you share the detail of the scenarios where you had issue with 404 code?
    4. MS authenticator or Google aren’t Koodo product though. Maintenance and glitch can also happen at anytime.
    A Koodo customer, opinions are my own.
    Joshua Chassé
    1. Timing. Don’t send text messages stating that your bill is ready but have maintenance ongoing to prevent login.
    2. Just don’t. As a bad actor a VPN is pretty low level. Bad actors are often going to be in control of other machines, a botnet or some scammer that reverse shelled into a mark. To coordinate the attack through a patsy instead of a VPN would make everything appear legit. So by mandating that people not use safe browsing and security is a problem. Similar, if Koodo said that you could not log into their site if you use an ad blocker would be equally egregious. Despite the fact that the FBI and CSIS recommends people use VPN and ad blockers as a major vector of infection is malicious ads.
    3. Sure, just go ahead and reset your password. The email that comes to you will have some links that work and some that do not. The Contact tries to go to koodomobile.com/contact which does not exist. Same with their “Thank you for payment” email. The Legal, contact us and UNSUBSCRIBE are broken links. Facebook, X and youtube work. So it is obvious that koodo has their priorities straight.
      1. Looking at the Unsubscribe, that would make Koodo out of compliance with CRTC CASL legislation.

      2. We should probably report the Broken Unsubscribe Link.

        1. If you encounter a broken or non-compliant unsubscribe link, you should report it to the CRTC's Spam Reporting Centre (SRC). The complaints submitted by Canadians are a vital source of intelligence for the CRTC's enforcement activities.

    4. Yes, they are not koodo products, but enough fortune 500 and other companies use is as part of their RDP and VPN access protocols. Logins to mission critical services. You saying that industry recognised processes are insufficient is in a realm of its own. I would be more wary of a proprietary solution for a company that has shown that emails and login solutions are hard.

    G
    Dinh
    Forum|alt.badge.img+4
    • Dinh
    • Mobile Master
    • November 9, 2025

    1. Could you share the instance where you experienced issues with both text and access to self-serve at the same time? Was it related to using a VPN?

    2. Are you suggesting we remove some security measures just to allow unrestricted VPN use? That seems perplexing to me. You could try switching your VPN server to a local Canadian one to see if that helps. Also, could you share a link from the FBI or CSIS regarding VPN usage?

    3. I haven’t encountered that issue myself. If possible, please share a screenshot of the email—just be sure to hide any personal information before posting.

    4. I’m a bit confused by your suggestion. First, you recommend removing the VPN, and now you're suggesting adding another complex app just to login? Asking users to install an extra app just to log into a website seems like a bigger burden than simply disabling the VPN.

       

    A Koodo customer, opinions are my own.
    G
    Forum|alt.badge.img+4
    • Goran
    • Mobile Master
    • November 9, 2025

    CSIS would never tell the broad public to use VPNs in Canada as that would make their mass surveillance efforts more difficult. Internal government gets that recommendation as well as perhaps international travel recommendations. The Canadian Centre for Cyber Security does issue guidance for businesses for network protocols tho. 

    Terms & ConditionsAccessibility statement
    Koodo Community