Oct 22, 2014, 4:27 pm
Last edit by: davie355
HHonors Sign In (if the link has disappeared)
https://secure3.hilton.com/en/hh/customer/login/index.htm
https://secure3.hilton.com/en/hh/customer/login/index.htm
Consolidated "CAPTCHA for logging in?" thread
Oct 14, 2014, 9:24 am
#61
Join Date: Jan 2003
Posts: 3,785
Hi everyone,
We did recently update our website to include a CAPTCHA system, a protective measure that will help authenticate your Hilton HHonors account.
This is a commonly used security measure across many industries and is meant to serve as an extra step to further secure your HHonors account.
Thanks!
Erin
We did recently update our website to include a CAPTCHA system, a protective measure that will help authenticate your Hilton HHonors account.
This is a commonly used security measure across many industries and is meant to serve as an extra step to further secure your HHonors account.
Thanks!
Erin
Is this going to be permanent or a temporary fix until a permanent solution could be found?
Oct 15, 2014, 3:40 am
#62
In Memoriam
Join Date: Jul 2001
Posts: 35,555
I believe it is commonly used for creating a new account, but not commonly used for every single login. Actually I have only seen it on Hilton site for the first time (on every login) and it is more troublesome because the "remember me" never worked.
Is this going to be permanent or a temporary fix until a permanent solution could be found?
Is this going to be permanent or a temporary fix until a permanent solution could be found?
Oct 15, 2014, 5:02 am
#63
Join Date: Nov 2008
Location: LHR
Programs: Ex-NWA Plat
Posts: 1,480
Oct 15, 2014, 5:45 am
#64
Join Date: Nov 2006
Location: Norway, Maine
Programs: United Silver and HH Diamond
Posts: 1,474
Oct 15, 2014, 9:05 am
#65
Join Date: Aug 2002
Location: St. Louis, MO
Posts: 1,411
Can anyone here name another loyalty program website that requires this at every log in versus just creating an account?
Oct 15, 2014, 9:17 am
#66
Join Date: Jan 2003
Location: PVG
Programs: MU Platinum, HH Diamond
Posts: 827
http://passport.ceair.com/cesso/logi...=1&local=en_US
Oct 15, 2014, 9:19 am
#67
Join Date: Jan 2003
Posts: 3,785
This is absolutely true in my experience. I know that I am on the low end of the spectrum here, but I have at least 20 airline, hotel, and car rental loyalty accounts. Hilton is the only one that requires this at every log in.
Can anyone here name another loyalty program website that requires this at every log in versus just creating an account?
Can anyone here name another loyalty program website that requires this at every log in versus just creating an account?
That's why I thought CAPTCHA was a quick fix and a more permanent and secured method will be coming. But from Erin's post, it seems like this is permanent?
Oct 15, 2014, 11:56 am
#69
Join Date: Jan 2003
Posts: 3,785
Oct 15, 2014, 10:01 pm
#70
Join Date: Jan 2009
Location: TUL
Programs: AA EXP 2MM; Marriott Titanium; Hilton Diamond; Hyatt Explorist; Vistana 5* Elite; Nat'l Exec Elite
Posts: 6,177
It works fine with Safari.
Oct 15, 2014, 11:38 pm
#71
Join Date: Aug 2012
Location: SLC
Programs: DL FO, KM, & 1.7MM; UA nothing; HH♦; National EE
Posts: 6,344
Oct 16, 2014, 4:38 am
#72
Join Date: Aug 2008
Location: South Park, Metropolis
Programs: AA LT PLT 3MM, Hilton/Marriott/SPG/Club Carlson GLD, IHG PLT
Posts: 4,608
Oct 16, 2014, 9:14 am
#73
Join Date: Jun 2013
Location: CMH usually
Programs: AA PLT, WN A+ (and Sometimes CP) | Hilton Diamond | Avis Preferred | National Car Exec
Posts: 414
In Chrome, it just seems to stop and load forever.
I hit the F12 key (debug console) and see:
index.htm:326 The page at 'https://secure3.hilton.com/en/hi/customer/login/index.htm?WT.bid=Home,,,logged_out_view' was loaded over HTTPS, but is submitting data to an insecure location at 'http://www3.hilton.com/en_US/hi/search/keywordsearch/keywordsearch.htm': this content should also be submitted over HTTPS.
So - - what that means for the non-technical people among us, is they are loading the login screen over https (secure) but sending the data back to Hilton over regular plain old http (not secure). What the hell, Hilton!?
I hit the F12 key (debug console) and see:
index.htm:326 The page at 'https://secure3.hilton.com/en/hi/customer/login/index.htm?WT.bid=Home,,,logged_out_view' was loaded over HTTPS, but is submitting data to an insecure location at 'http://www3.hilton.com/en_US/hi/search/keywordsearch/keywordsearch.htm': this content should also be submitted over HTTPS.
So - - what that means for the non-technical people among us, is they are loading the login screen over https (secure) but sending the data back to Hilton over regular plain old http (not secure). What the hell, Hilton!?
Oct 16, 2014, 11:06 am
#74
FlyerTalk Evangelist
Join Date: Jun 2004
Location: MSP
Programs: DL PM, MM, NR; HH Diamond, Bonvoy LT Gold, Hyatt Explorist, IHG Diamond, others
Posts: 12,159
I'd never seen the capcha going directly to Hilton.com; however, when I followed a link from an event (for their special rate), the login page did require one.
Awardwallet is still updating Hhonors points correctly for me.
Awardwallet is still updating Hhonors points correctly for me.
Oct 16, 2014, 1:44 pm
#75
Company Representative - Honors by Hilton
Join Date: Aug 2009
Programs: Hilton Honors
Posts: 1,516
I believe it is commonly used for creating a new account, but not commonly used for every single login. Actually I have only seen it on Hilton site for the first time (on every login) and it is more troublesome because the "remember me" never worked.
Is this going to be permanent or a temporary fix until a permanent solution could be found?
Is this going to be permanent or a temporary fix until a permanent solution could be found?
Thanks for your question! At this point, CAPTCHA is a long-term solution and has been implemented as an extra security measure for the safety of our members. I am collecting your feedback each day and passing along to my team so they are looped in on the user experience.
Thanks,
Erin