United Airlines updated its security system for customers’ United MilePlus account, and people are not happy.
In an email to customers, United Airlines said it will adopt two-factor authentication going forward. Two-factor authentication is used to make accounts more secure. It typically involves entering a username and password, followed by an extra step like entering a pin or scanning your fingerprint.
But customers are rightly pointing out that United Airlines new system really doesn’t count as two-factor authentication.
United Airlines wrote in its email to customers: “If you contact United by phone, you’ll be asked for your password when using the automated system or for your security answers when you speak to a United representative. Your security questions will also be used as part of upcoming two-factor authentication to further protect your account — you’ll be asked to answer your security questions the first time you sign in from a device that we don’t recognise.”
But customers are pointing out that not only does United’s new system not qualify as two-factor authentication, but it’s unsafe to provide a password over the phone.
This is not two factor authentication. This is idiocy. Please stop.
United did not immediately respond to Business Insider’s request for comment.