Originally Posted by
zitsky
I work in IT and I agree. I think this change wasn't sufficiently tested. Some VP or Project Manager needs to be taken out to the woodshed.
Testing isn't the (only) problem.
The problem is the design is horrible, period. Even if they rolled it out and it worked exactly as it's been designed to, the following things would still be true:
- You have a 1 in 100 chance of gaining access to any Mileage Plus account you know the name and number to.
- To reset your password, you have to answer "security questions" with answers you had to select from drop-down lists, many of which are questions about your tastes. Like I'm going to remember 5 years from now what movie genre I thought I liked the most...
- If you fail your password reset ONCE, or if ANY OTHER PERSON tries to hack your account and fails, it doesn't just prevent your password from being changed, it LOCKS OUT YOUR ACCOUNT ENTIRELY until you call.
These are just plain bad design decisions. These bad decisions were made before any of the software was written. Someone had to come up with them and someone had to sign off on them.
The fact that that happened indicates absolute complete incompetence on the part of the parties responsible.