Originally Posted by
sunshinebob
Got an email from BA with a 2FA verification code today suggesting that someone else was trying to log in - I checked and it was Award Wallet doing its thing. Anyway around this?
Weirdly I did get an update from them so they must be able to brute force some information which does not sound ideal bearing in mind they did not have access to the verification code.
In an ideal world BA would partner with companies like AwardWallet with an API key that you would (re)validate every so often, but I think there's little chance of this happening anytime soon.
AW is the main reason I haven't switched to MFA. My password is strong enough that I don't feel too threatened.