Hilton Honors Increases Account Security

Hilton Honors Increases Account Security

6

If you’ve tried to log into your Hilton Honors account since yesterday, you may have noticed that it now has a CAPTCHA (which I just learned stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”) when trying to log in.

Hilton-HHonors-CAPTCHA

Why does Hilton’s CAPTCHA matter?

The main reason this matters is because it means you can no longer use an automated service to check your Hilton Honors balance. For example, you can’t use AwardWallet to automatically access your Honors account anymore. Instead if you try to log in through AwardWallet it will redirect you to the Hilton Honors page and pre-fill in your details, but you’ll have to complete the CAPTCHA.

Why did Hilton add a CAPTCHA?

So, did Hilton add this because they don’t want you checking your points balances through an automated service? They wouldn’t be the first loyalty program to do so. For example, Delta, Southwest, and United have all at one point told AwardWallet to stop displaying their data.

I don’t think that’s the cause here, though. I do genuinely believe it’s for the security of members’ accounts. There have been quite a few instances of account hacking lately, so I think that’s the reason for this new “feature.”

Hilton is one of the few hotel programs to still have a four digit PIN based system for accessing accounts as opposed to a password, and those are quite easy to hack.

I’d be willing to bet they’ll be changing the PIN based system eventually, and instead allow members to use passwords to access their Honors accounts. Hopefully the CAPTCHA is just a temporary solution, and disappears if/when they make this change.

Bottom line

Ultimately this isn’t a big deal, but in case you try to log into your Honors account with AwardWallet today and can’t figure out why it won’t work, there you have it…

Conversations (6)
The comments on this page have not been provided, reviewed, approved or otherwise endorsed by any advertiser, and it is not an advertiser's responsibility to ensure posts and/or questions are answered.
Type your response here.

If you'd like to participate in the discussion, please adhere to our commenting guidelines. Anyone can comment, and your email address will not be published. Register to save your unique username and earn special OMAAT reputation perks!

  1. Conrad Hilton Guest

    I was literally just asked for my password when I called up on the phone to HHonors support. This was after I said I didn't know my PIN. I asked in shocked disbelief if the person could see my password, and she said yes. I didn't follow up further on this, but just asked her to ask me a different security question. What a circus?!

  2. Bo Guest

    I use to stay in a Hilton property 4 to 5 nights a week as a Diamond member. I now have had to switch to either Marriott or Holiday Inn because I can't figure out the CAPTCA letters. Neither can my secretary or my teenagers . Ha. Extremely frustrating. But I will have to give my money to their competitors until they make a change.

  3. Brooke Guest

    Agreed, Jon! I'm actually in the process of offering something to them that will dramatically help with that. As a loyal HHonors member, I'm hoping they jump on board to better protect us all. Thanks for the news, Ben!

  4. Jon Clements Guest

    I'd call this change "Lipstick on a Pig". The fact is that they still don't give users the ability to turn off the 4-digit PIN login. With all the big security breaches this year I can't believe this is the best they can do.

  5. Autolycus Guest

    They have user names and password as an option for logging in. I wonder why they don't just force people into using those instead of continuing to allow HHonors # + PIN for login.

  6. Murray Barnes Guest

    There's been a lot of talk within Hilton recently because of the recent update to e-checkin where it's open to any Hilton HHonors member.

    Because e-checkin users are not supposed to be asked to show ID or swipe their credit card when they pick up their keys, all it takes is knowing somebody's Hilton HHonors number and PIN to cause them to pay for your hotel stay, so I imagine it's in response to this that they're increasing security.

Featured Comments Most helpful comments ( as chosen by the OMAAT community ).

The comments on this page have not been provided, reviewed, approved or otherwise endorsed by any advertiser, and it is not an advertiser's responsibility to ensure posts and/or questions are answered.

Conrad Hilton Guest

I was literally just asked for my password when I called up on the phone to HHonors support. This was after I said I didn't know my PIN. I asked in shocked disbelief if the person could see my password, and she said yes. I didn't follow up further on this, but just asked her to ask me a different security question. What a circus?!

0
Bo Guest

I use to stay in a Hilton property 4 to 5 nights a week as a Diamond member. I now have had to switch to either Marriott or Holiday Inn because I can't figure out the CAPTCA letters. Neither can my secretary or my teenagers . Ha. Extremely frustrating. But I will have to give my money to their competitors until they make a change.

0
Brooke Guest

Agreed, Jon! I'm actually in the process of offering something to them that will dramatically help with that. As a loyal HHonors member, I'm hoping they jump on board to better protect us all. Thanks for the news, Ben!

0
Meet Ben Schlappig, OMAAT Founder
5,163,247 Miles Traveled

32,614,600 Words Written

35,045 Posts Published