|
Originally Posted by MASTERNC
(Post 34522772)
Our IT training just showed how someone can even avert the push notification 2FA by directing you to a bad website, capturing the cookie data fed back after the 2FA, and then pasting it into the web browser code. Nothing is perfect.
|
Originally Posted by EXP100
(Post 34106767)
Is it just me but I have no desire when I'm trying to pull the app up in the airport/AC for any number of reasons and needing to get a code text to me to do so.
|
I learned at 7am today that someone hacked my account when my password was failing and I saw emails from 6am that my password and account info was updated.
I was able to get back in with my security questions and found a name, address, phone and email in the UK was attached to my account. I changed my info back, updated my password and security questions. Points were not taken and future trips were still in tact. It was at this point I searched for MFA options but, as mentioned upthread, this is not a priority for AA. Did I catch the issue quick enough (1 hour) that the hacker didn’t have time to muck with my account? Or should I be worried they may already have info they need to call in and redeem trips over the phone? |
I don't think 2FA is a big deal among airlines given that reservations can be accessed online without any authentication at all.
|
Originally Posted by PHL
(Post 35153848)
I learned at 7am today that someone hacked my account when my password was failing and I saw emails from 6am that my password and account info was updated.
I was able to get back in with my security questions and found a name, address, phone and email in the UK was attached to my account. I changed my info back, updated my password and security questions. Points were not taken and future trips were still in tact. It was at this point I searched for MFA options but, as mentioned upthread, this is not a priority for AA. Did I catch the issue quick enough (1 hour) that the hacker didn’t have time to muck with my account? Or should I be worried they may already have info they need to call in and redeem trips over the phone? |
Mine was hacked a year or two ago — they found the guy who did it and used all the miles, but said I had to report it to local police in his jurisdiction and they wouldn’t refund the miles until something substantial happened… I had to get a new AAdvantage number and everything.
|
So......this happened to me this morning (07/13/23):
https://viewfromthewing.com/american...tage-accounts/ I had logged in late last night (07/12/23) (more than once) just fine, like normal. This morning I logged in like usual on the Login page, BUT...... instead of actually logging me in it took me to a page w/ 6 small boxes asking for my verification code that it had emailed to me. I checked my email & sure enough there was an email from American Airlines. Once I copied/pasted the code I was then in like normal (w/ my name in the light blue box up top. No warning this was coming. I thought I'd been spammed at first. UGH, what a pain !! https://cimg0.ibsrv.net/gimg/www.fly...705b00552a.jpg |
Pain?! This is the best thing American has done for their IT in years. The amount of accounts getting hacked (that will now more easily be prevented) is huge.
|
Suddenly two-factor authentication is required on my AA account.
At least I was able to access my email account at the same time, which was significantly less frustrating than an experience with Target on the same day: Target required the same suddenly as I was in the process of trying to pay with my phone at a self-checkout device. |
I was asked for the verification code on my most recent login. Will I be asked every time now for a new code or will it be only randomly during logins?
|
I'm curious how this will be implemented with the AA app and when accessing the app/web site while in-flight. Without buying in-flight wifi internet access, getting the code from an e-mail will not be possible.
|
Originally Posted by Perdita
(Post 35458920)
I was asked for the verification code on my most recent login. Will I be asked every time now for a new code or will it be only randomly during logins?
I do almost always log into AA w/ Firefox on my home computer. Maybe some cookies or something are saved. We'll see going forward. I also always keep track of my husband's AA stuff (both our trips together & his work trips w/o me). I usually use Chrome to log into his AA acct (just so I don't have to keep re-entering our login info in Firefox every time). I just logged in as him in Chrome & it still has not asked for a verification code. |
Logged in twice today. Both times I was asked for a verification code. First time it has ever happened to me. What a pain in the rear. VPN related, maybe? I hope this isn't going to happen every.single.time that I log in.
|
Originally Posted by TheDudeAbides
(Post 36064766)
Logged in twice today. Both times I was asked for a verification code. First time it has ever happened to me. What a pain in the rear. VPN related, maybe? I hope this isn't going to happen every.single.time that I log in.
|
| All times are GMT -6. The time now is 7:32 pm. |
This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2026 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.