Last edit by: davie355
HHonors Sign In (if the link has disappeared)
https://secure3.hilton.com/en/hh/customer/login/index.htm
https://secure3.hilton.com/en/hh/customer/login/index.htm
Consolidated "CAPTCHA for logging in?" thread
#211
Join Date: Dec 2011
Posts: 1
Nonsense
This is nonsense. I just sent my second message to Hhonors. This year I had 239,000 base points and over a hundred stays. I saw the (later) comment that this may be disappearing in 2015. It's too late. You're losing my business.
Hi everyone,
We did recently update our website to include a CAPTCHA system, a protective measure that will help authenticate your Hilton HHonors account.
This is a commonly used security measure across many industries and is meant to serve as an extra step to further secure your HHonors account.
Thanks!
Erin
We did recently update our website to include a CAPTCHA system, a protective measure that will help authenticate your Hilton HHonors account.
This is a commonly used security measure across many industries and is meant to serve as an extra step to further secure your HHonors account.
Thanks!
Erin
#212
FlyerTalk Evangelist
Join Date: Feb 1999
Location: Seat 1A, Juice pretty much everywhere, Mucci des Coins Exotiques
Posts: 34,339
I think the main point is that no other hotel website (nor airline, nor car rental site that I'm aware of) engages in this nonsense. Talking about Ticketmaster or NY EZpass isn't really germane here.
Hilton is in competition with Starwood, IHG, Marriott, Hyatt, Accor, etc. None of those chains force us to deal with Captcha.
Hilton is in competition with Starwood, IHG, Marriott, Hyatt, Accor, etc. None of those chains force us to deal with Captcha.
#214
In Memoriam, FlyerTalk Evangelist
Join Date: Jul 2002
Location: Durham, NC (RDU/GSO/CLT)
Programs: AA EXP/MM, DL GM, UA Platinum, HH DIA, Hyatt Explorist, IHG Platinum, Marriott Titanium, Hertz PC
Posts: 33,857
#217
Join Date: Aug 2012
Location: SLC
Programs: DL FO, KM, & 1.7MM; UA nothing; HH♦; National EE
Posts: 6,344
#218
FlyerTalk Evangelist
Join Date: Jan 2005
Location: home = LAX
Posts: 25,935
It's you doing the logging in, not your phone.
And "i-phone" could be construed as a non-human also ("you human, I phone"). So could a bunch of "Windows". As well as a "Mac" (whether meaning a raincoat or a truck or macaroni or a type of apple fruit).
So if you think about it, just about everything you can log in with is named after something not quite human.
But it's who is doing loggin in, not what they're logging in with, that matters.
So the answer is very simple: If you (the person logging in on whatever device) are not a robot, check the box. (And, btw, if you are a robot, you're writing the best robot posts I've ever seen! Congratulations! )
And "i-phone" could be construed as a non-human also ("you human, I phone"). So could a bunch of "Windows". As well as a "Mac" (whether meaning a raincoat or a truck or macaroni or a type of apple fruit).
So if you think about it, just about everything you can log in with is named after something not quite human.
But it's who is doing loggin in, not what they're logging in with, that matters.
So the answer is very simple: If you (the person logging in on whatever device) are not a robot, check the box. (And, btw, if you are a robot, you're writing the best robot posts I've ever seen! Congratulations! )
Last edited by sdsearch; Dec 30, 2014 at 3:54 pm Reason: spelling
#219
Join Date: Aug 2012
Location: SLC
Programs: DL FO, KM, & 1.7MM; UA nothing; HH♦; National EE
Posts: 6,344
Thank you, I think. I'm not sure what a beset robot post is, but it sure sounds like a compliment.
#220
Join Date: Jul 2007
Location: San Francisco/Sydney
Programs: UA 1K/MM, Hilton Diamond, Marriott Something, IHG Gold, Hertz PC, Avis PC
Posts: 8,163
eg, Go to the Hilton website and attempt to login, and you'll likely get the simple tick-box. But then open a new in-private browser window and do the same thing again - you'll probably get a more complex test (after ticking the box) as the in-private browsing means no history.
Hilton adding this captcha isn't ideal, but given that they had a real reason for adding it (accounts being hijacked and points being stolen) it seems like a good short-term solution to me. Other sites may not to do, but don't be surprised if they start introducing it as many other travel sites are starting to get hit with the same thing - especially those that have relatively insecure logins (eg, Hilton's 4-digit pins)
#222
Join Date: May 2009
Location: EUG
Programs: AS MVP, AA MM, HH Diamond, MR Gold
Posts: 8,229
I had an interesting one on another site (can't remember where).
They asked "which is bigger?" (I at first tried to type "which is bigger?") until I saw that it was a drop down menu where you had to pick between choices like a pie, a pencil, China, an elephant, etc.
They asked "which is bigger?" (I at first tried to type "which is bigger?") until I saw that it was a drop down menu where you had to pick between choices like a pie, a pencil, China, an elephant, etc.
#223
Join Date: Feb 2013
Programs: Hilton Diamond
Posts: 4,270
Hilton adding this captcha isn't ideal, but given that they had a real reason for adding it (accounts being hijacked and points being stolen) it seems like a good short-term solution to me. Other sites may not to do, but don't be surprised if they start introducing it as many other travel sites are starting to get hit with the same thing - especially those that have relatively insecure logins (eg, Hilton's 4-digit pins)
This is what it all boils down to, there are HHonors members have had sizable point balances stolen and this is at least some sort of step to further protect accounts (while hopefully they do what is necessary to enhance their systems). I don't have a problem with the number captchas, but the words are quite difficult and appear to be getting worse (well except the Happy New Years that was there yesterday )
At some point over the past few months Delta initiated a third step when signing on and that is after your enter your passcode a new field pops up asking for your last name. I assume that is attempting to provide a somewhat similar function to the captcha but is a lot easier on the user. I personally think Hilton could improve things just re-engineering the way you sign on to have to be a password that is a lot more secure than a 4 digit PIN (aka number and letters and one being upper case)
#224
FlyerTalk Evangelist
Join Date: Jan 2005
Location: home = LAX
Posts: 25,935
At some point over the past few months Delta initiated a third step when signing on and that is after your enter your passcode a new field pops up asking for your last name. I assume that is attempting to provide a somewhat similar function to the captcha but is a lot easier on the user.
If you haven't been to Delta.com in many months, I don't koow if they will let you log in one last time with a PIN or not. But even if they will let you do it one last time, they will require you to create a password on the spot.
#225
Join Date: Mar 2011
Location: Colorado
Programs: Lifetime UA 1K, Lifetime Hilton Diamond, Lifetime Marriott Bonvoy Titanium
Posts: 1,261
HILTON -- THE IS A COMPLETE JOKE. YOU HAVE MADE YOUR WEBSITE USELESS !
I am astounded how these major companies have no commitment to IT security and have to implement these hacks. Every one of them should fire their CIO (or the CFO if he is the one preventing the CIO for spending what is required to secure their IT infrastructure).
Last edited by bldr1k; Jan 2, 2015 at 10:38 am