Site Security

Password Security

When deciding, which password to use for your Homestead Account there are some common pitfalls we recommend you avoid. It's true that cyber criminals are becoming increasingly sophisticated but we should be careful not to give them too much credit, it seems that weak passwords is major contributing factor leading to online fraud and compromised accounts.

When creating a password to use with your Homestead Account we advise you consider the following recommendations, to significantly reduce the chances of your account being compromised:

  • Make sure your password is random
  • Avoid using dictionary words in any language, words spelled backwards, common misspellings, and abbreviations;
  • Avoid sequences or repeated characters such as: 12345678, 333333, abcdefg, or adjacent letters on your keyboard (qwerty);
  • Personal information including your name, birthday, driver's license, passport number, or similar information; and
  • We recommend you use a minimum of 12 - 16 characters in your password and an minimum of 8.

When creating your password use a random combination of the following characters:

  • Numbers
  • Upper and lower case letters
  • Special characters including: !"£$%^&*()-+=#~;:/@\

I have forgotten my Password

If you forget your password, please don't worry. By simply following the steps below you can quickly and easily reset your password.

  1. Click the 'Forgotten password' link, situated directly above the 'Login' button. Can't see it? Click here.
  2. To reset your password please enter your account email address below and a password reset email will be sent to you.
  3. Click the link in the email to change your password. If you do not attempt to change your password in 24 hours your password reset request will be cancelled.

Network Security

To help protect the integrity of our network we use various security software packages to prevent malicious attacks and malware from infecting our computers. In addition we perform regular security scans provided by Trustwave Vulnerability Management services that deliver critical and proactive scanning, testing and remediation of application, database and network vulnerabilities, to better protect our systems and data.


The word 'Phishing' is used to describe the practise adopted by criminals who attempt to trick a person into providing sensitive and private information such as payment card data. Criminals using phishing techniques often imitate major companies and send emails to unsuspecting individuals via email, which can appear extremely professional and convincing.

No person from Homestead Caravans & Outdoor Leisure will ever ask for your personal information via email, in particular your account password or payment data. If you receive an email from us requesting this type of information, please contact our office immediately on 0161-830-229.

Web Server Security

Our eCommerce management software is cloud based and located on a web server, which is protected by a firewall and mulitple layers of additional security. Customer and order data is encrypted between the web server and the software client used by us when processing and managing orders, so it cannot be intercepted in the middle over LAN or the internet (SSH based tunnel).

Our systems contain "essential" business transactional data only typically used for accounts and record keeping. Our software systems do not store credit card numbers.

Sagepay Payment Provider Security

Our Payment Service Provider is Sage Pay (formerly Protx) – the largest independent payment service provider (PSP) in the UK and Ireland.

Sage Pay provides a secure payment gateway (Level 1 PCI DSS), processing payments for thousands of online businesses, including ours. It is Sage Pay’s utmost priority to ensure that transaction data is handled in a safe and secure way.

Sage Pay uses a range secure methods such as fraud screening, I.P address blocking and 3D secure. Once on the Sage Pay systems, all sensitive data is secured using the same internationally recognised 256-bit encryption standards.

Sage Pay is PCI DSS (Payment Card Industry Data Security Standard) compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable.

Sage Pay is an active member of the PCI Security Standards Council (PCI SSC) that defines card industry global regulation.

In addition, you know that your session is in a secure encrypted environment when you see https:// in the web address, and/or when you see the locked padlock symbol alongside the URL.

So when buying through our site, you can be sure that you are completely protected.