Last edit by: davie355
HHonors Sign In (if the link has disappeared)
https://secure3.hilton.com/en/hh/customer/login/index.htm
https://secure3.hilton.com/en/hh/customer/login/index.htm
Consolidated "CAPTCHA for logging in?" thread
#1
Original Poster
Join Date: Jun 2013
Programs: DL Plat, Hilton Diamond, Marriott Plat, IHG Plat, Hertz Prez Circle, National Exec
Posts: 1,357
Consolidated "CAPTCHA for logging in?" thread
Anybody else getting a CAPTCHA this morning trying to log in to HHonors? Of course, the website was still down afterword. But having the CAPCHA was a first for me. I'm totally okay with it though, since it makes it tougher to brute force passwords and login credentials.
#2
Join Date: Aug 2008
Location: DUS
Programs: UA Gold, FB, Hilton Diamond, Marriott Gold
Posts: 134
I noticed the same thing earlier today. It almost certainly has to do with the large number of reports of people having their HHonors account hacked, maybe this simply happened by an automatic system attempting to log in via the outdated and insecure 4 digit pincode system.
#4
Moderator Hilton Honors, Travel News, West, The Suggestion Box, Smoking Lounge & DiningBuzz
Join Date: Jun 2000
Programs: Honors Diamond, Hertz Presidents Circle, National Exec Elite
Posts: 36,026
I couldn't even get the sign-in page at the HHonors site, but the Hampton Inn site let me log in and indeed has a captcha. Took three refreshes before I got one that I could actually read.
#6
Join Date: May 2010
Location: PHL
Programs: AA EXP, UA *S, Hilton Diamond, Marriott Titanium, Hyatt Exp, IHG Plat, National EE, Sixt Plat
Posts: 648
I'm getting the CAPTCHA too today. Agreed that it's likely a quick bandaid due to the recent reports of hacked accounts. I'd expect a better long term solution in the not too distant future (e.g. no more 4-digit PINs), but this is just an immediate fix.
#10
FlyerTalk Evangelist
Join Date: Aug 2001
Location: RSW
Programs: Delta - Silver; UA - Silver; HHonors - Diamond; IHG - Spire Ambassador; Marriott Bonvoy - Titanium
Posts: 14,185
I didn't mind that it was one simple three-digit number; I can't stand it when they ask for two, difficult to make out ones.
#11
Join Date: Sep 2011
Location: SFO/SMF
Programs: Holder of six "persona non-grata" awards
Posts: 1,914
The "bad guys" just figure out PIN's and don't bother with a password.
#12
Join Date: Jun 2005
Location: AUS
Programs: AA Exec Platinum/MM, DL Gold/MM, Hilton Diamond, Accor Platinum, Hertz Presidents Circle
Posts: 6,975
Is Hilton insane? Do they simply want people to stop using their website? Is some sort of a bot automatically logging into Hilton accounts a realistic threat? What could they do even if they did get access?
I can't imagine a customer-facing company with a more incompetent IT department.
I can't imagine a customer-facing company with a more incompetent IT department.
#14
Original Poster
Join Date: Jun 2013
Programs: DL Plat, Hilton Diamond, Marriott Plat, IHG Plat, Hertz Prez Circle, National Exec
Posts: 1,357