BAEC now forcing SMS authentication?
Jun 1, 2023, 1:08 pm
#1
Original Poster
Join Date: Oct 2021
Location: London (née Melbourne)
Programs: Qantas Platinum (Oneworld Emerald)
Posts: 988
BAEC now forcing SMS authentication?
Logging on to my account today, was forced to add a phone number and receive a code by SMS to login.
Was then given a long 'recovery code' which would be needed to access my account if I changed phone numbers or couldn't receive SMS.
Not sure if this is being rolled out to everyone or just some, but there seemed no way to opt-out or postpone.
Was then given a long 'recovery code' which would be needed to access my account if I changed phone numbers or couldn't receive SMS.
Not sure if this is being rolled out to everyone or just some, but there seemed no way to opt-out or postpone.
Jun 1, 2023, 1:20 pm
#2
Join Date: Nov 2018
Location: BER
Programs: BA GGL, Hilton Diamond
Posts: 1,843
Logging on to my account today, was forced to add a phone number and receive a code by SMS to login.
Was then given a long 'recovery code' which would be needed to access my account if I changed phone numbers or couldn't receive SMS.
Not sure if this is being rolled out to everyone or just some, but there seemed no way to opt-out or postpone.
Was then given a long 'recovery code' which would be needed to access my account if I changed phone numbers or couldn't receive SMS.
Not sure if this is being rolled out to everyone or just some, but there seemed no way to opt-out or postpone.
i got curious
i wanted to check if same for me...
tadaaaaaaa
sorry, cant help. even if i want to... but 2FA always sounds nice.
Jun 2, 2023, 2:49 am
#5
Join Date: Jan 2013
Programs: BAEC GfL
Posts: 336
Jun 2, 2023, 3:08 am
#6
Join Date: Oct 2013
Location: BMA
Programs: SAS Eurobonus Gold Card
Posts: 324
Jun 2, 2023, 3:14 am
#7
Join Date: Mar 2014
Location: Leicestershire / Dubai
Programs: BA Silver, Marriott Bonvoy Titanium Elite & Lifetime Gold, Heathrow Rewards Premium, Tesco Clubcard
Posts: 663
About time if they are rolling this out.
I've previously mentioned that the security for accounts is awful, especially as they don't even allow me to set a secure password for my account as the website does not like special characters.
I kind of wish that they allowed MFA using a verification code generated by apps such as the iOS Passwords app rather than SMS (since the verification code can be automatically filled in), but at least it's a step in the right direction by BA.
I've previously mentioned that the security for accounts is awful, especially as they don't even allow me to set a secure password for my account as the website does not like special characters.
I kind of wish that they allowed MFA using a verification code generated by apps such as the iOS Passwords app rather than SMS (since the verification code can be automatically filled in), but at least it's a step in the right direction by BA.
Jun 2, 2023, 3:21 am
#8
formerly JackDann
Join Date: Oct 2017
Location: Northern Ireland
Posts: 1,659
About time if they are rolling this out.
I've previously mentioned that the security for accounts is awful, especially as they don't even allow me to set a secure password for my account as the website does not like special characters.
I kind of wish that they allowed MFA using a verification code generated by apps such as the iOS Passwords app rather than SMS (since the verification code can be automatically filled in), but at least it's a step in the right direction by BA.
I've previously mentioned that the security for accounts is awful, especially as they don't even allow me to set a secure password for my account as the website does not like special characters.
I kind of wish that they allowed MFA using a verification code generated by apps such as the iOS Passwords app rather than SMS (since the verification code can be automatically filled in), but at least it's a step in the right direction by BA.
Jun 2, 2023, 4:48 am
#11
Join Date: Dec 2014
Location: London, UK
Programs: BAEC Gold-GGL
Posts: 1,191
Jun 2, 2023, 4:53 am
#12
Join Date: Aug 2006
Location: Switzerland
Posts: 1,593
Jun 2, 2023, 5:27 am
#13
Join Date: Apr 2018
Location: LON, between FAB and EGTD
Programs: OWS - AA Lifetime Platinum, BA nobody (blue)
Posts: 867
Not required for me today. And I hope never. For goodness sake, Shell requires 2-factor authorization to claim the £1.50 petrol discount or even my free mars bar !
Jun 2, 2023, 5:27 am
#14
FlyerTalk Evangelist
Join Date: Jul 1999
Location: ORD/MDW
Programs: BA/AA/AS/B6/WN/ UA/HH/MR and more like 'em but most felicitously & importantly MUCCI
Posts: 19,719
I go through a TOTP step with a five-minute clock whenever I log on to pay a modest electricity bill. Absurd that there is nothing analogous to protect BA bookings worth thousands, Avios balances, embedded CC data, etc. The front door is as good as ajar.
A few years ago I had all my Hilton Honors points stolen via a flawed Amazon backdoor on what was then a similarly loosey-goosey site. Hilton have tightened things up somewhat since with 2FA. (Though it should be noted that NIST in the States has warned for years of 2FA's inadequacies.)
A few years ago I had all my Hilton Honors points stolen via a flawed Amazon backdoor on what was then a similarly loosey-goosey site. Hilton have tightened things up somewhat since with 2FA. (Though it should be noted that NIST in the States has warned for years of 2FA's inadequacies.)
Jun 2, 2023, 5:53 am
#15
Join Date: Nov 2004
Location: ORD, LHR, FCO
Programs: BA Gold, etc. etc.
Posts: 1,402