Originally Posted by
Airclues
All hotels insist on a credit card being produced at check-in.
That varies. On award nights or on otherwise direct billed nights, I've checked into a fair number of hotels in Europe where I've shown no bank card and no ID at check-in.
Originally Posted by
markle
The industry is beginning to disagree with that point of view - essentially where you have mandatory password changes people tend to use simpler passwords and then alter them in a very predictable way after each reset. In the end it's felt that any security benefit gained from having changing passwords is offset by the simplicity / predictability of passwords used.
There's a good blog post about this at
https://www.ftc.gov/news-events/blog...ssword-changes
I'd read that many months ago and there is indeed something to that. But when companies both require more complex passwords during a company-required password change and restrict use of a prior password or part of a prior password from being re-used, the increased frequency of password changes does help increase account security unless bad password creation/retention habits are allowed and/or being used (as is very often happening).
Originally Posted by
Washington DC
The trouble you have is that hackers aren't learning your passwords then hanging around before using the points - as soon as they guess or discover, then they're redeeming for items that can be used quickly (gift vouchers, immediate travel).
Changing your password 2 weeks later will stop them coming back, but normally your account will be cleaned out.
If you're going to make an effort, go for a password manager and a secure, unique password for each site you use (as well as 2 factor where available).
Some of the raids on compromised airline program accounts involve redeeming high value awards upon the thieves finding the "right customer". And other raids on compromised accounts involve immediate redemptions to do as indicated above.