QF trialling two-factor authentication for QFF accounts

Status
Not open for further replies.
Bloody awesome - I got it yesterday, and have to say I luv it, makes me feel more secure!

I'm global roaming when overseas (even if I have a local SIM for data), plus I am sure there are options if I can't get an SMS (Qantas being a relatively competent global travel business).

The incoming number is not new to me, having received "pole" (now obsolete) check in notifications and reminders (still current) from it.

It's the way several of my banks work, other than the one which makes me use a digital physical token device (which is probably reasonable considering the amount of money we are talking about) - so not really a difficult or new process.

All in, after reading about all the compromised account issues posted on here, IMO I think it is a REAL enhancement :)
 
I will hate it if I can't use MrP's account to book flights for him and us. I didn't feel insecure at all.
 
opusman said:
You'll just have to get him to transfer you all his points :)
Click to expand...

Well, yes. I can do that. :p. But mostly I book his work flights - around 2-3 domestic flights a week for the next couple of months. He doesn't have time and he wouldn't be alone in that. Goodness - what will happen to Tony Hancock and Griselda. :eek: She'll get the boot!

At least I will get surveyed now having taken part in the trial.
 
Struggling to Redeem Your Frequent Flyer Points?
The Frequent Flyer Concierge team takes the hard work out of finding reward seat availability. Using their expert knowledge and specialised tools, they'll help you book a great trip that maximises the value for your points.

AFF Supporters can remove this and all advertisements

I still can't understand why QF don't just make the pin/password say 8 characters with a capital/number/special character requirement like the rest of the developed business world seems to be able to do.
 
Pushka said:
I will hate it if I can't use MrP's account to book flights for him and us.
Click to expand...
I plan on updating the accounts that I "manage" to my mobile phone number, and then update individual bookings to the personal mobile numbers as required (so the person flying still gets the relevant messages delivered directly to them) :idea:

IMO Qantas could do a better job realising that individual family members often act as "account managers" for their "extended family team", in the same way that businesses have account managers for their staff team.
 
Gah. It's back again today. And the App is definitely flaky with it.
Message as below (I've already used the code so it's no longer 'active'. A different code is sent each time)
First message on logging in:
ImageUploadedByAustFreqFly1488666991.415647.jpg

And the message
ImageUploadedByAustFreqFly1488667018.516839.jpg

There is no option but to use the code unless you call.
 
Sponsored Post

Struggling to use your Frequent Flyer Points?

Frequent Flyer Concierge takes the hard work out of finding award availability and redeeming your frequent flyer or credit card points for flights.

Using their expert knowledge and specialised tools, the Frequent Flyer Concierge team at Frequent Flyer Concierge will help you book a great trip that maximises the value for your points.

oz_mark said:
If you know the PNR, you don't need to go into your FF account..
Click to expand...

I'm not worried about that but I won't be able to book a flight for someone else via their account. How will that work for business travel? It won't.
 
One reason to access your QFF account whilst overseas is to fill up Press Reader with loads of publications in the 12 hours prior to your flight.
 
TFA just to log into your account is complete overkill. If TFA is to be implemented, it should be limited to making points transactions and changing personal details (just like the banks do).
 
Except logging into your account can give someone your surname and PNR. That is sufficient to then do things like change your seat allocation or check you in.

Done correctly, 2FA will should not cause any friction.
 
Daver6 said:
Except logging into your account can give someone your surname and PNR. That is sufficient to then do things like change your seat allocation or check you in.

Done correctly, 2FA will should not cause any friction.
Click to expand...

If someone cracks my internet banking password, they can see all of my accounts, account numbers, balances etc which could result in far more damage than someone cracking my QFF login.

However, none of my banks require TFA to log in.

TFA is overkill just to log in to QFF and cannot be implemented without some level of unwarranted inconvenience.
 
Pleb Status said:
If someone cracks my internet banking password, they can see all of my accounts, account numbers, balances etc which could result in far more damage than someone cracking my QFF login.

However, none of my banks require TFA to log in.

TFA is overkill just to log in to QFF and cannot be implemented without some level of unwarranted inconvenience.
Click to expand...

What damage can be done by knowing your bank account number and balance? Other than I knowing you might be in debt and a millionaire, I can't do anything (ie take your money) with that information.
 
Daver6 said:
What damage can be done by knowing your bank account number and balance? Other than I knowing you might be in debt and a millionaire, I can't do anything (ie take your money) with that information.
Click to expand...

If I can fake your signature, I could walk away with everything you have.....
 
Pleb Status said:
If I can fake your signature, I could walk away with everything you have.....
Click to expand...


Firstly, that's not stored on my internet banking. Where are you going to get that from?

Secondly, even if you faked it, it would be the banks problem, not the owner of the accounts. Really would be pretty simple to prove that it wasn't you.

Thirdly, handing out one's bank account number and name is pretty common for accepting EFT payments. So if that was the direction for fraud, you'd think it would already be a massive deal.

So again, I'd suggest there is little to zero risk with your bank account number being known.
 
ajd said:
They're coming after your frequent flyer points
Click to expand...


How did the bad guys steal my Qantas identity? It's impossible to be sure, but it's usually through compromising a computer or mobile phone when a victim goes online via a public network. Qantas recommends using only secure networks to access accounts, rather than public Wi-Fi hotspots.
But, come to think of it, I had written my account number on my baggage tag, believing it would help find the bag if it went missing. It could also help someone steal my identity. D'oh.

:eek:
 
Daver6 said:
Firstly, that's not stored on my internet banking. Where are you going to get that from?

Secondly, even if you faked it, it would be the banks problem, not the owner of the accounts. Really would be pretty simple to prove that it wasn't you.

Thirdly, handing out one's bank account number and name is pretty common for accepting EFT payments. So if that was the direction for fraud, you'd think it would already be a massive deal.

So again, I'd suggest there is little to zero risk with your bank account number being known.
Click to expand...

Pushka said:
Not really.
Click to expand...

So identify theft does not exist. Nice to know.
 
Status
Not open for further replies.

Enhance your AFF viewing experience!!

From just $6 we'll remove all advertisements so that you can enjoy a cleaner and uninterupted viewing experience.

And you'll be supporting us so that we can continue to provide this valuable resource :)


Sample AFF with no advertisements? More..

Recent Posts

Currently Active Users

... and 47 more.
Total: 1,178 (members: 97, guests: 1,081)
Back
Top