@geoffday67  I'm not sure why all this password discussion has taken over the thread, the important matter is have you got an Openreach appointment to fix your fibre LOS fault?

Also you should not have needed to enter your username and password in the router, that is assuming you are using a Plusnet supplied Hub. It should configure automatically when your service is activated using the TR-069 Remote Management protocol which on Openreach FTTP uses a dedicated secure VPN channel. At the Plusnet end the router serial number is used to indentify the account and transmit the Username and password to the hub. You could ask Plusnet to check that your hub is set up correctly on the management platform.

Just to recap on the Password question, I have been active on this forum for many years and the security of having to reveal letters of your password has been questioned on occasions. Plusnet say it is secure but will, understandably not give any details. I would tend to agree with @jab1  in post #11. If the system really is insecure I'm sure there would be a lot of forum posts about it.

---

@geoffday67 wrote:
 The ACS Law report talks about sending unencrypted data 

---

15 years ago - I'm fairly certain that, and other, potential security issues will have been plugged.

The ACS Law incident did not say passwords were leaked:

All; Firstly, we would like to apologise again to customers affected by the leak of data from ACS Law. We can confirm that we did send unencrypted data to ACS Law. However, this was not the cause of the leak. At a later date, due to a cyber-attack on the systems of the law firm, data that it held was leaked.

And this Wiki link clearly shows that ACS:Law were, to put it politely, incompetent.https://en.wikipedia.org/wiki/ACS:Law

Obviously a reversible hash (not a one-way hash).