The frequent travel loyalty programs of most companies have converted the process of accessing a membership account from using a personal identification number of only four digits to using an actual password with mixed characters in order to increase security and mitigate the possibility of having membership accounts accessed by unauthorized people…
A Real Password Can Finally Be Used to Protect Your IHG Rewards Club Account
…and one notable exception had been IHG Rewards Club, which had its members use personal identification numbers with only four digits to access their membership accounts and were thus theoretically more likely susceptible to data breaches — until recently.
Members of IHG Rewards Club may now better protect their accounts by using actual passwords with at least eight characters — including at least three of the following four criteria:
- Capital letter
- Lower case letter
- Number
- Special character
You will then be automatically logged out and asked to log back in with your new password.
New members will be required to have passwords when creating new membership accounts; while existing members will have a choice of whether or not to change from a personal identification number to a password.
At the time this article was written, no time frame has been revealed as to when — or if — the personal identification number option will eventually be eliminated.
Data Breaches are Unfortunately Rather Common
Passwords are significantly more secure than personal identification numbers — especially those which comprise of only four digits — because they are inherently more difficult to crack or breach by nefarious individuals who seek to steal your miles or points…
…or even worse: steal your identity by accessing your personal data and information.
Unfortunately, even complex passwords are not foolproof against breaches.
Although I have written extensively about data breaches which compromise your personal information — as well as the miles and points which you have worked so hard to earn over the years — the following articles do not even come close to documenting all of the data breaches solely within the travel industry, as no frequent travel loyalty program appears to be immune or completely secure:
- Reports of Some Hilton Honors Accounts Breached; Points Used For Amazon Purchases
- Starwood Guest Reservation Database Security Incident: I Finally Received My Letter From Marriott — Part 2
- You May Get a Share of Money From Kimpton Hotels Data Breach Settlement
- Your Chance to Claim Up to £1,500 From British Airways as Compensation For Data Breach
- Delta Air Lines Cyber Incident: Customer Information Breach Possible
- Credit Card Security Breach at 41 Hyatt Hotel Properties in Eleven Countries
- Payment Card Data Breach Confirmed by Kimpton Hotels & Restaurants — and What You Can Do
- Data Breach Reported by Hyatt Hotels Corporation: What You Can Do
- More Data Breaches with Starwood and Hilton: What You Can Do
- Another Possible Security Breach of Information With Hilton — This Time, With Credit Cards
- Should Points or Miles Be Given to Compensate Loyalty Program Members For Inconvenience Due to Account Breach?
- Miles Stolen; American, United and Delta Frequent Flier Accounts Breached
- Warning: Security Breach of E-Mail Accounts at Various Companies
- Two Years of Free Credit Monitoring Offered by Delta Air Lines Resulting From Cyber Incident
- Unauthorized Individual Accessed My Hyatt Gold Passport Account?
- Cyber Attack on an Account I Have Not Had in Years?!?
- Breaking News: Many British Airways Executive Club Accounts Locked; Avios Reset to Zero
- My Starwood Account Was Compromised: More Details — and What Happened
- Follow Up: My Telephone Call With a Starwood Representative
- Warning: Your Hilton HHonors Account Can Be Sold for Cents on the Dollar by Thieves
How to Protect Yourself From Unauthorized Breaches
Log into each of your frequent travel loyalty program membership accounts and update your user name; password; security questions and answers, if any; and your verbal password, if one is required.
Also ensure that all of your contact information — including your postal mail address, telephone number and e-mail address — is correct.
Additionally, take the following recommended proper precautions to help secure against unauthorized access to any of your frequent travel loyalty program membership accounts:
- Do not use your e-mail address as your identification to log into your account.
- Use a complex password and regularly update it.
- Use different log in credentials with each Internet web sites.
- Always check your membership accounts on a regular basis.
- Promptly report any potential suspicious activity to a representative of the frequent travel loyalty program.
Summary
When your own frequent traveler loyalty program membership account is compromised, the statistics of whether or not others have experienced similar issues is irrelevant. I should know — my Starwood Preferred Guest membership account was compromised back on Friday, January 16, 2015. Not only were all of the Starpoints wiped out; but I could not even access my membership account because the password was changed.
Fortunately, you are almost guaranteed to have your miles or points replenished in your membership account if it has indeed been compromised — as had eventually happened to me with my Starpoints.
The switch from personal identification numbers to passwords is both long overdue and a thankful move by the IHG Rewards Club frequent guest loyalty program, as I have been advocating for it in numerous articles for years; and although the personal identification number method is still in effect, I switched to a custom password — and you should strongly consider doing the same thing.
I already change my four-digit personal identification number to a real password; and the process consumed only a couple of minutes of my time at the most.
Photograph ©2017 by Brian Cohen.
