Originally Posted by
Texas Booster
I put a PIN on my account after a friend lots points for some bogus reservations. It isn't 2FA but it adds a slight delay for the question to be asked and answered.
I don't foresee a problem except overseas or in secure installations.
I added the 4-digit PIN security pin to my Marriott account so if someone (including me) tries to reserve an award ressie via phone then they have to provide the PIN. My password is also really long.
This is completely untrue. United have spent the past year and more trying to
persuade me and many others to add a PIN to our accounts instead of/in addition to a password, just because pre-merger Continental customers had them. We have steadfastly refused to do so on security grounds. We have never had PINs and will not agree to invent them. My pre-merger United 2-digit 6-letter password is infinitely better security than any 4-digit PIN.
Agree. I've never had a PIN on my United account, although I heard that CO had them. My United password is really long & contains #s/letters. Will it totally protect against a brute force attack? No, but mine has a better chance of surviving it than someone who just has a PIN.
Cheers.