UA initiates Account Security Update (Security Q&A authentication added 2016)

Reply Subscribe

Thread Tools

Search this Thread

Feb 15, 2016, 11:36 am

#166

DENflyer3

Join Date: Jul 2008

Location: DEN

Programs: UA-GS; WN A-list;Hyatt - CC; Hertz - PC

Posts: 644

I was shocked when at the questions with predetermined answers. These security questions seem to be some of the easiest there are to break if anyone has any remote knowledge of the persons account they are hacking. I am actually more offended now that they made me feel less secure.

Feb 15, 2016, 11:45 am

#167

Michael D

Join Date: Nov 2008

Location: DFW

Programs: UA peon (+decades 1K), AA Exec Plt

Posts: 1,117

Quote:

Originally Posted by DENflyer3

You can make any security question an order of magnitude more secure by making up an answer instead of answering it truthfully. If your favorite color is blue don't say blue say green.

Of course you need to remember that you answered the random color green not your favorite color blue.

In general you really don't want to provide any more personal information when answering security questions.

Feb 15, 2016, 11:59 am

#168

milepig

FlyerTalk Evangelist

Join Date: Nov 2004

Location: ORD

Programs: UA 1K

Posts: 16,901

Quote:

Originally Posted by Michael D

Look at this picture below of your login window. Still asking for a PIN even though I have set my password.

BTW the red asterisk is not reference elsewhere on the page.

But, does the PIN still work. I thought this display was a legacy since people aren't yet required to change their PIN. I changed from PIN to password, and my PIN no longer actually works.

I assume the wording is generic since they don't know whether or not you've changed from PIN to Password until you attempt login.

Feb 15, 2016, 12:47 pm

#169

raehl311

Join Date: Jan 2008

Location: EAU

Programs: UA 1K, CO Plat, NW Plat, Marriott Premiere Plat, SPG Plat, Priority Gold, Hilton Gold

Posts: 4,712

Quote:

Originally Posted by Michael D

You can make any security question an order of magnitude more secure by making up an answer instead of answering it truthfully. If your favorite color is blue don't say blue say green.

Unless, of course, you are using the United website, where your answers must be selected from a drop-down menu.

If you're suggesting you can lie and say "green" when the answer is really "blue", that's hardly an improvement.

Feb 15, 2016, 1:01 pm

#170

stimpy

FlyerTalk Evangelist

Join Date: Feb 1999

Location: Seat 1A, Juice pretty much everywhere, Mucci des Coins Exotiques

Posts: 34,339

Quote:

Originally Posted by raehl311

There's no requirement that banks allow you access to your accounts online. If the website isn't working, you still have the same option bank customers have had for the history of banks: Walk into one during business hours and transact your business.

Are you sure that is the current law in all 50 US states? Not to mention Europe and the rest of the world?

Feb 15, 2016, 6:58 pm

#171

DENflyer3

Join Date: Jul 2008

Location: DEN

Programs: UA-GS; WN A-list;Hyatt - CC; Hertz - PC

Posts: 644

United initiates new Mileage Plus Account Security Update

There absolutely no way I could remember the fake answers I would give. Of course I could probably save them in a word document on my computer, but I'd forget where that file was too.

Last edited by goalie; Feb 15, 2016 at 7:25 pm Reason: Fixed typo in post title

Feb 15, 2016, 7:49 pm

#172

Michael D

Join Date: Nov 2008

Location: DFW

Programs: UA peon (+decades 1K), AA Exec Plt

Posts: 1,117

Quote:

Originally Posted by DENflyer3

There absolutely no way I could remember the fake answers I would give. Of course I could probably save them in a word document on my computer, but I'd forget where that file was too.

I can't remember them either.

I'm on a Mac and I use a program called 1Password which stores all my passwords and logins. It has matching programs on iOS and they all sync. Also you can add notes and photos. It is all encrypted. I use secure passwords and do not use duplicate passwords. I could not function without it.

Feb 15, 2016, 7:54 pm

#173

mahasamatman

A FlyerTalk Posting Legend

Join Date: Apr 2004

Location: GVA (Greater Vancouver Area)

Programs: DREAD Gold; UA 1.035MM; Bonvoy Au-197; PCC Elite+; CCC Elite+; MSC C-12; CWC Au-197; WoH Dis

Posts: 52,139

Quote:

Originally Posted by stimpy

Are you sure that is the current law in all 50 US states? Not to mention Europe and the rest of the world?

As long as physical currency exists, I couldn't see any government anywhere in the world mandating online access. But I also think we're off on a tangent to the thread topic. Frequent flyer accounts will never (or need) have the same level of security as a bank account.

Feb 15, 2016, 9:37 pm

#174

stellarlight

Join Date: Mar 2012

Posts: 83

Just went through the process, hesitantly. Actually had a hard time deciding which security questions to answer, and I don't think I can remember my answers. Couldn't it be easier for everyone if the questions were something like "What is your mother's maiden name" or "What is the name of your first pet"?

Feb 15, 2016, 10:42 pm

#175

mahasamatman

A FlyerTalk Posting Legend

Join Date: Apr 2004

Location: GVA (Greater Vancouver Area)

Programs: DREAD Gold; UA 1.035MM; Bonvoy Au-197; PCC Elite+; CCC Elite+; MSC C-12; CWC Au-197; WoH Dis

Posts: 52,139

Quote:

Originally Posted by stellarlight

Couldn't it be easier for everyone if the questions were something like "What is your mother's maiden name" or "What is the name of your first pet"?

Including identity thieves. But more obscure questions (like "Why does the mouse when it spins?") with freeform answers would certainly be better.

Feb 16, 2016, 12:47 am

#176

IainC

Join Date: Apr 2008

Location: SYD; Central Coast, NSW

Programs: UA, 1K 2MM

Posts: 947

Well, despite the issues raised by many on this thread, I bit the bullet and accepted UA's email request today to update the security access to my UA account. All went seamlessly and no problems logging in or navigating UA.com after creating a new password. The security questions seem excessive and redundant and curiously was not asked a single security question on the multiple times I logged in today - so what is the point of these questions?

Feb 16, 2016, 5:17 am

#177

stimpy

FlyerTalk Evangelist

Join Date: Feb 1999

Location: Seat 1A, Juice pretty much everywhere, Mucci des Coins Exotiques

Posts: 34,339

Quote:

Originally Posted by IainC

The (stupid) reason for the questions is that if you ever forget your password and ask them to reset it, you will probably be required to answer those questions. And as some of us will not know the answers because they have no meaning to us, we will have go through a big PITA to get our account access back. And that exercise will consume a fair bit of labor on UA's side too.

Feb 16, 2016, 5:19 am

#178

stimpy

FlyerTalk Evangelist

Join Date: Feb 1999

Location: Seat 1A, Juice pretty much everywhere, Mucci des Coins Exotiques

Posts: 34,339

Quote:

Originally Posted by mahasamatman

Frequent flyer accounts will never (or need) have the same level of security as a bank account.

I wouldn't say that. FF accounts have grown up a lot around security over the years and I expect security will continue to improve one way or the other. Do you remember when we all got our account statements in the mail with all the account details include the PIN printed on the statement for anyone to read (assuming they stole our mail)?