IainC

Ah, I see...and agree!

milepig

Well this is annoying.

I just went onto United.com and signed in. I then clicked on the "my account" link and I had to sign in again. Way to go, guys!

LAXOGG

I believe you can only create new ones.

grt

finally!!! The security questions are kind of inane, though.

pinks

I'm glad that they are updating security, but these security questions are ridiculous. I had a hard time picking enough questions that had legitimate answers.

airchick

I answered security questions over the weekend. Then tried to log in yesterday and my password did not work. I was not asked to update my password so I tried using my old Continental password.

Called UA, then was transferred to MP customer service, then to .com customer service, then to I'm not sure who.

Here was the scary part: the CSR walked me through a reset password tool that asked me three security questions, question #2 was NOT one of the five I selected just the day before. I was freaking out and she used that 'IT say anything to get them to STFU' tone, like "So your house is burning down, can you select enter?" She told me to just answer it; it seemed like she did not believe that it was not a question I had selected. So I selected an option, question #3 was familiar. And I was able to reset my password presumably because I got at least two of three answers correct.
I could not get out of her if there was an error with the system, or if using non-selected security questions was part of the process. It was very unnerving.

TOMFORD

These are the worst questions ever, I barely know my answers to these and I am me. Better to make sure I never forget my password.

Thunderroad

Answered my five security questions (and I agree, what a stupid selection they are). Not given any chance to update my password.

The next time I tried to log in, I couldn't get into the site because neither my pin (as per the new rules, so no surprise) or my password (now that's the surprise) accepted. So I go to "forget password," and in turn to the new security questions. But I get caught in a loop between two questions (favorite outdoor activity and first car, FWIW), but the questions keep cycling between the two whenever I answer one. In other words, I wasn't allowed to proceed further in order to get a password email sent to me.

Finally, called MP and fortunately reached someone without having to wait. He issued me a new temporary password, which I in turn used to establish a new password. So a solution!

But still a hassle in that even after logging into the site, I had to again enter my MP # and password to access My Account.

naumank

Does the new process provide 2-factor log-in? This will enhance the security tremendously.

Michael D

Sure it is.

If you have to answer two questions with each question having more than twenty answers to reset your password then the odds of me guessing the correct answer is greater than one out of four hundred if you lie and pick one at random and not truthful. (note the list of answers for some questions are greater than fifty.)

If I know you love snowboarding and you picked favorite winter activity as a question then my odds of getting into your account would drop to one out of twenty instead of four hundreds if United asks me to answer that question you answered truthfully when I try to reset your password.

Michael D

No. That cost money because they have to text you. You have to be running a business where you can spend a quarter on your customer for each $250.00 they spend at your business. And you need to have a rudimentary understanding of security. And you have to really have a modern website. And ...

If it is true that you cannot log in with a PIN and only need that for confirming who you are and not perform any actions in your account with it, then this exercise will be worth it.

I couldn't log in with my user name today. Had logged in previously with it. Logged in with my MP number, went to my account and had a blank for my user name. Reset it. Will see how long it sticks this time.

raehl311

Hahahah.

This is United IT, remember?

No.



You are grossly underestimating the incompetence of United IT.

When you go to reset your password, they don't show all 20 or 50 options that were there when you picked one. They only show 10. So right off, it's not 400 combinations, it's 100.

And, given that the questions are so inane that even *I* already have forgotten my actual answers to them, "lying" about the answer isn't creating any extra security. If someone is trying to hack accounts, they'll just take a crack at their 1 in 100 shot at an account, and if they miss, move on to the next one. Trying to research someone's favorite color isn't worth it when you can just try 100 accounts and get one.

DBCme

The thing is, United KNOWS the potential security risks; this explains why they removed the username functionality when logging in. Given this, wouldn't the I.T department think of something clever - or even consistent with modern day online security? Even if that fails, wouldn't someONE in the department raise their hand and say, "uh no, that's the level of security my dad use to have when logging into his Apple IIc computer back in 1990, we should do something cooler." Did all of this really fail at United?

piemel

What idiot came up with those questions?

Half of them don't apply to me, others don't have the correct answers (no 'funk' for favorite music) others are just weird.

why not have the 'typical' security questions as in name of best man, mothers maiden name, birth place etc?

These are the worst ever, I have never even seen anything so badly thought out. Somebody needs to be yelled at or demoted.

Nincompoops

Jebus!

WineCountryUA

Perhaps those might not be the best choice for those with Facebook accounts.