Originally Posted by
DaviddesJ
Originally Posted by ordbkk View Post
A simple fix would be to generate two "codes": the PNR, and a passcode.
That's effective but not simple. Given what I've seen of UA IT, this would take them months to implement across their own system, at least. And just training all of the call center staff on the passcodes and when to require them and what to do when people don't know them would be a big project. It's also not clear that you could get all of the third-party systems that make reservations on UA to even pass on the passcodes to their users.
Another method that is easier to implement is to require members to be logged in to the UA account before being allowed to make changes to or cancel their reservations.
For reservations of those who are not UA members, the reservation must have an e-mail address in it in order for changes to be made (including the e-mail address itself). When a change (including changing the existing e-mail address, seat assignment, flights etc)/cancellation is attempted, the passenger will receive an e-mail with a link that they must click on before they are taken back to the website to do the change/cancellation.