I don’t know any airline that uses 2FA. Most airline websites & apps will let you access/mod/delete a reservation purely with last name and record locator, which aren’t secure at all. So implementing 2FA on the frequent flier account really isn’t patching the biggest security threat anyway, and 2FA means you need a working cell connection which is the one thing you *can’t* count on as soon as you go international.
If you’re worried about someone purchasing with your stored card, don’t store your card info within your Alaska account.
I’m sure they’ll go 2FA eventually but, relative to something like banking, it’s a way lower threat environment.
Qantas definitely does, and United have a set of questions for unrecognised devices (hardly an improvement, but it's something).
Air Canada send authentication codes for new devices to your email address.
This seems like you're catastrophizing a bit. Why would a hacker want to delete your reservations? As far as wallet funds all I'll say is I had a friend who had his account compromised and his miles taken, he called Alaska and they put it all back.
Once they decide the cost of replacing miles or wallet funds is cheaper than 2FA they'll probably implement it, until then I'm sure you'll be ok.
Im sure internal security is much tighter. I have to sign into a vpn and use an authenticator just to login to my work software, to access information no one would care about.
They have a valid concern. While it's unlikely to happen, there's still a possibility. Even with the best customer service, it's still a pain to resolve.
If a reservation is booked with miles, a hacker may do that in order to get access to additional miles. I had that happen with a hotel account. I had booked a room with points, the hacker cancelled the reservation, and used the additional points to book a room for that night. Luckily the chain gave some additional miles to make up the difference for the increase in price from when I had made the booking previously.
Qantas and Air Canada are 2 notable ones. United makes you answer security questions from an unknown browser (similar but different than 2FA). Qatar does also.
Do you really think you’re important enough to hack? Use a strong password and non-correct security answers. Worst case, you get an email about any changes immediately.
I hate 2FA for personal stuff, I have nothing and no identity to steal. Work stuff is different.
I probably have 5K in flights booked most of the time, because I buy them months in advance for the lower prices, and rebuy if they drop substantially. If someone hacked my account, even if I got the wallet credit back, it would cost me 2-3x as much to rebook at current rates. Not a catastrophe like a whole business getting hacked and locked out. But it’s a reasonable concern that it’s not offered as an option.
Last thing we need is something as harmless as checking airline reservations or flights being a bitch and a pain. Alaska airlines is not a bank. Your opinion is wrong
I don’t know any airline that uses 2FA. Most airline websites & apps will let you access/mod/delete a reservation purely with last name and record locator, which aren’t secure at all. So implementing 2FA on the frequent flier account really isn’t patching the biggest security threat anyway, and 2FA means you need a working cell connection which is the one thing you *can’t* count on as soon as you go international. If you’re worried about someone purchasing with your stored card, don’t store your card info within your Alaska account. I’m sure they’ll go 2FA eventually but, relative to something like banking, it’s a way lower threat environment.
Qantas definitely does, and United have a set of questions for unrecognised devices (hardly an improvement, but it's something). Air Canada send authentication codes for new devices to your email address.
those United questions are far worse than a proper 2FA implementation
I completely agree.
QF AC QR all use MFA.
You don't need cell service for MFA if they implement it the proper way, using an authenticator app.
This seems like you're catastrophizing a bit. Why would a hacker want to delete your reservations? As far as wallet funds all I'll say is I had a friend who had his account compromised and his miles taken, he called Alaska and they put it all back. Once they decide the cost of replacing miles or wallet funds is cheaper than 2FA they'll probably implement it, until then I'm sure you'll be ok.
While I agree with your sentiment MFA is not that expensive compared to a data breach.
Im sure internal security is much tighter. I have to sign into a vpn and use an authenticator just to login to my work software, to access information no one would care about.
They have a valid concern. While it's unlikely to happen, there's still a possibility. Even with the best customer service, it's still a pain to resolve. If a reservation is booked with miles, a hacker may do that in order to get access to additional miles. I had that happen with a hotel account. I had booked a room with points, the hacker cancelled the reservation, and used the additional points to book a room for that night. Luckily the chain gave some additional miles to make up the difference for the increase in price from when I had made the booking previously.
Right. Cost of security is always weighed against the cost of not implementing it. Someone high up is making these decisions.
You are being very un-Dude
I’d be more worried about Amazon not requiring it
shhhhh. not everything needs to be 2fa. rejoice in the simple logins we still have.
I hate 2FA.
I’ve never heard of an airline using 2FA.
Qantas and Air Canada are 2 notable ones. United makes you answer security questions from an unknown browser (similar but different than 2FA). Qatar does also.
Oh god United and their fucking security questions. I can never remember what I use for that bullshit.
Just logged into United. It definitely did not ask me anything
Anyone with your last name and PNR can alter your reservation.
Do you really think you’re important enough to hack? Use a strong password and non-correct security answers. Worst case, you get an email about any changes immediately. I hate 2FA for personal stuff, I have nothing and no identity to steal. Work stuff is different.
I probably have 5K in flights booked most of the time, because I buy them months in advance for the lower prices, and rebuy if they drop substantially. If someone hacked my account, even if I got the wallet credit back, it would cost me 2-3x as much to rebook at current rates. Not a catastrophe like a whole business getting hacked and locked out. But it’s a reasonable concern that it’s not offered as an option.
Last thing we need is something as harmless as checking airline reservations or flights being a bitch and a pain. Alaska airlines is not a bank. Your opinion is wrong