UA initiates Account Security Update (Security Q&A authentication added 2016)
#361
Join Date: Jul 2007
Location: San Francisco/Sydney
Programs: UA 1K/MM, Hilton Diamond, Marriott Something, IHG Gold, Hertz PC, Avis PC
Posts: 8,156
Just received an email with the following :
To better protect your United MileagePlus® account, later this week, we'll no longer allow the use of PINs and implement two-factor authentication. This will impact you in two ways when accessing your MileagePlus account:
1. If you contact United® by phone, you'll be asked for your password when using the automated system or for your security answers when you speak to a United representative.
2. Your security questions will also be used as part of upcoming two-factor authentication to further protect your account — you'll be asked to answer your security questions the first time you sign in from a device that we don't recognize.
If you think you may have forgotten the answers to your security questions, we recommend that you sign in to your account and select new questions and answers now.
Thank you for being a MileagePlus member and for taking the time to update your account.
1. If you contact United® by phone, you'll be asked for your password when using the automated system or for your security answers when you speak to a United representative.
2. Your security questions will also be used as part of upcoming two-factor authentication to further protect your account — you'll be asked to answer your security questions the first time you sign in from a device that we don't recognize.
If you think you may have forgotten the answers to your security questions, we recommend that you sign in to your account and select new questions and answers now.
Thank you for being a MileagePlus member and for taking the time to update your account.
#363
Moderator: Luxury Hotels and FlyerTalk Evangelist
Join Date: Sep 2002
Location: Palo Alto, California,USA
Posts: 17,854
I logged in to my account and on the profile section was given the option to ENTER security questions, but I couldn't find any way to review the ones I currently had. So do I remember them? As if!
Surely they can dream up some nonsense security reason why they can't show us our own data, but it is annoying and so far I have no other online account (including banking) that takes such a ham-handed approach.
Surely they can dream up some nonsense security reason why they can't show us our own data, but it is annoying and so far I have no other online account (including banking) that takes such a ham-handed approach.
#364
Moderator: United Airlines
Join Date: Jun 2007
Location: SFO
Programs: UA Plat 1.995MM, Hyatt Discoverist, Marriott Plat/LT Gold, Hilton Silver, IHG Plat
Posts: 66,850
If you can log on and not get a message about needing to do this, you have done it. UA has been encouraging the entry of this security questions for a number of months (since February).
#366
Senior Moderator; Moderator, Eco-Conscious Travel, United and Flyertalk Cares
Join Date: Jun 1999
Location: Fulltime travel/mostly Europe
Programs: UA 1.7 MM;; Accor & Marriott Pt; Hyatt Globalist
Posts: 17,831
This tweet to United made me laugh...
"can't wait to dictate "pipe, left curly brace, backslash..." a couple dozen times. Per attempt."
"can't wait to dictate "pipe, left curly brace, backslash..." a couple dozen times. Per attempt."
Last edited by l etoile; Aug 11, 2016 at 8:17 am
#367
Suspended
Join Date: Jul 2007
Programs: United GS+
Posts: 1,889
https://www.united.com/ual/en/us/acc...estionsanswers
#369
FlyerTalk Evangelist
Join Date: Aug 2015
Posts: 11,461
#370
Join Date: Feb 2009
Location: PDX
Programs: AS (MVP), UA (silver), AA, DL, Hilton (Gold)
Posts: 231
"For security purposes, if you're asked for your password you will only need to share the first five characters."
They really should have highlighted that in the email. And would have been good for them to comment for this business week article. I reacted the same way. Are you CRAZY? Read my full password to a call center rep.
http://www.businessinsider.com/custo...-change-2016-8
They really should have highlighted that in the email. And would have been good for them to comment for this business week article. I reacted the same way. Are you CRAZY? Read my full password to a call center rep.
http://www.businessinsider.com/custo...-change-2016-8
#371
Company Representative
Join Date: May 2011
Posts: 14
Security Updates to MileagePlus Accounts – Effective August 12, 2016
Hi everyone,
We wanted to share a security update with you regarding the login process for your MileagePlus accounts. As you are already aware, the security of our members' MileagePlus® accounts is very important to us. As many of you noticed back in February, members were made aware of changes when signing in, and were prompted to make important security updates. These included updating accounts with a strong password and answering security questions. This was done in preparation of global removal of PINs as a form of authentication, taking place on the evening of August 11, 2016.
For members that have not completed security updates they need to do so in order to access their account on or after August 12, 2016:
For members who have completed their security updates, they will be asked to answer two of their security questions the first time they sign in on or after August 12, 2016. Members will need to do this each time they sign in from a device or browser that we don’t recognize to further protect their account.
The most up-to-date information, including FAQs can be found here. In addition, we realize this is a hot discussion topic, so our security team leads will be available for questions here on this forum over the coming days.
Thank you,
-UA Security Insider
We wanted to share a security update with you regarding the login process for your MileagePlus accounts. As you are already aware, the security of our members' MileagePlus® accounts is very important to us. As many of you noticed back in February, members were made aware of changes when signing in, and were prompted to make important security updates. These included updating accounts with a strong password and answering security questions. This was done in preparation of global removal of PINs as a form of authentication, taking place on the evening of August 11, 2016.
For members that have not completed security updates they need to do so in order to access their account on or after August 12, 2016:
For members who have completed their security updates, they will be asked to answer two of their security questions the first time they sign in on or after August 12, 2016. Members will need to do this each time they sign in from a device or browser that we don’t recognize to further protect their account.
The most up-to-date information, including FAQs can be found here. In addition, we realize this is a hot discussion topic, so our security team leads will be available for questions here on this forum over the coming days.
Thank you,
-UA Security Insider
#372
Moderator: Smoking Lounge; FlyerTalk Evangelist
Join Date: Feb 2004
Location: SFO
Programs: Lifetime (for now) Gold MM, HH Gold, Giving Tootsie Pops to UA employees, & a retired hockey goalie
Posts: 28,878
Hi everyone,
We wanted to share a security update with you regarding the login process for your MileagePlus accounts. As you are already aware, the security of our members' MileagePlus® accounts is very important to us. As many of you noticed back in February, members were made aware of changes when signing in, and were prompted to make important security updates. These included updating accounts with a strong password and answering security questions. This was done in preparation of global removal of PINs as a form of authentication, taking place on the evening of August 11, 2016.
For members that have not completed security updates they need to do so in order to access their account on or after August 12, 2016:
For members who have completed their security updates, they will be asked to answer two of their security questions the first time they sign in on or after August 12, 2016. Members will need to do this each time they sign in from a device or browser that we don’t recognize to further protect their account.
The most up-to-date information, including FAQs can be found here. In addition, we realize this is a hot discussion topic, so our security team leads will be available for questions here on this forum over the coming days.
Thank you,
-UA Security Insider
We wanted to share a security update with you regarding the login process for your MileagePlus accounts. As you are already aware, the security of our members' MileagePlus® accounts is very important to us. As many of you noticed back in February, members were made aware of changes when signing in, and were prompted to make important security updates. These included updating accounts with a strong password and answering security questions. This was done in preparation of global removal of PINs as a form of authentication, taking place on the evening of August 11, 2016.
For members that have not completed security updates they need to do so in order to access their account on or after August 12, 2016:
For members who have completed their security updates, they will be asked to answer two of their security questions the first time they sign in on or after August 12, 2016. Members will need to do this each time they sign in from a device or browser that we don’t recognize to further protect their account.
The most up-to-date information, including FAQs can be found here. In addition, we realize this is a hot discussion topic, so our security team leads will be available for questions here on this forum over the coming days.
Thank you,
-UA Security Insider
#373
Join Date: Apr 2016
Programs: UA 1K 1MM, AA Gold, Marriott Titanium, Hilton Diamond, Hyatt Discoverist
Posts: 695
If one periodically clears their browser history, cooked and/or cache, will the security process have to be repeated? The reason I ask is that if I access a secure site (i.e. my online banking), I will clear out everything on my browser after I'm finished accessing that particular site
#374
Join Date: Mar 2008
Location: London
Programs: UA GS
Posts: 2,438
If one periodically clears their browser history, cooked and/or cache, will the security process have to be repeated? The reason I ask is that if I access a secure site (i.e. my online banking), I will clear out everything on my browser after I'm finished accessing that particular site
#375
Join Date: Nov 2008
Location: DFW
Programs: UA peon (+decades 1K), AA Exec Plt
Posts: 1,117
I use a program called "Cookies" on my Mac which allows me to manage my cookies. In particular it will allow you to choose which cookies not to delete. It has proven useful for deleting all the cookies except for the ones you need to verify your identity at a particular site.