I've contacted Best Western about what I believe to be a significant security concern about their website.
I used the webform to contact their Website support but disappointedly I only received a form letter back.
Hello Mr. zoobtoob,
Thank you for contacting Best Western Rewards. We will be glad to assist
you with this. We apologize for the delay in answering you, but we have
been receiving a high volume of e-mail and appreciate your patience.
We appreciate any suggestions that our guests provide to help us better
our service and our website. Your comments have been forwarded to our
Marketing Department as guest observations help Best Western determine
our strong points as well as those areas that may need attention.
We thank you for choosing Best Western Rewards and for your continued
loyalty to our brand. If we can be of further assistance please let us
know.
Best Regards,
This is not a marketing problem. This is an IT & security problem (perhaps even legal if their password database leaks).
They are storing passwords in a database either in plain-text or using a simple cipher. You can tell this because when you click the "forgot password" link, they email your password right back to you in plain text. This does not follow modern security practices of "salting and hashing".
How can I shortcut front-line support and get in touch with somebody higher up so this can get corrected?
I would recommend that all FT users change their Best Western password immediately to something they do not use on any other website.