As I was flying out of DTW this past Tuesday, I saw a man who was sitting outside the A40 Worldclub stealing the wireless. The Worldclub folks didn't seem to care as when I walked downstairs to board my flight, he was seated in the sitting area near the exit. It seems as if they invited him in or something.

they have a whole bank of "airport chairs" next to the DCA WC. I frequently see lots of ppl sitting there on their computers.

Mind if I ask where the location is?

Boo To T-Mobile
 

Don't get me started on how T-Mobile markets their Hotspot service in airports. Half the time, they don't mention that it is accessible only if you have a membership to the lounge itself.

The MSP C WorldClub's password scheme is really smart. So smart is it, the password hasn't changed in a week, and it's not even case-sensitive. Really smart move, NW. Oh so smart...

You'd think if they wanted to use a smart password, instead of this new setup, they'd just ask for your WorldPerks # at sign-in. Since your number is tied to your WorldClub membership, it would accurately be able to allow those who are supposed to get in. For partners and/or PriorityPass, they could just have a temp. password they hand out when you do membership verification when you come in the club.

It would be much more complicated (and expensive) to have to build a database connection and lookup into the system. I'm not a network security expert, but I would think that a direct line into the NW database would be a bigger hacker threat. I would be annoyed if I had to enter the password X7jg#32a9!03z and change it every day. You would also have to use your WP PIN number since you could just randomly guess nine digit number and hope to hit on a members.

The simple password will probably defeat 99% of the people using the wireless from outside the club. It is also only a few seconds of labor to change the password in the router on occasion.

Considering that they swipe your WC membership card on entrance and it checks with a database somewhere to verify memership, I don't think it would be that complicated to do that lookup. Really, algebraically & logically it's a very simple process. The hardest part would be programming the web interface to talk with the database, and that's not too hard to do.

As far as hacking threats, NWA.com is used by many over wireless connections to manage all account features, view account summaries, buy award tickets, purchase revenue tickets, etc. I think NW could handle something as simple as this. ;)

Do you really think the current password is any harder to randomly guess?

I very much doubt that the free internet connection is physically linked to the terminal that they swipe your card through. No way would they want to allow open access direct into their reservations systems. Yes, I am sure it can be done securely, but there would be a cost for it, and what would be the benefit?

The system worked for some time without any security. Apparently someone complained - either valid users who had speed/access issues due to leechers, or the airport authority losing $$$ on leechers. The simple solution was to add a password to the wireless router. This is a free fix for NW, other than the few minutes it takes to log into the router and put up a sign for the authorized users, who are controlled by their physical ability to enter the club and see the sign.

To require authentication means costs for IT people to program the interface, probably some new hardware/wiring, maintenance, and so on. Then there is the cost of helping users who don't have a WP # pre-authorized (internationanl biz class, partner clubs, spouses/guests, etc.). This then means longer lines for members trying to get fights rebooked by the agents. I can't see a return on this investment for NW, or the WC members.

If an underground network of hackers and password sharing causes whatever the original problem was to resurface, then they might want to look at more security. Otherwise, I find simple is better.

I'll share, but I am not posting it public. ;) Check your PM's.