KrisFlyer to introduce two-factor authentication


KrisFlyer has sent an email to members advising that it will be introducing two-factor authentication (2FA) from June 29, 2018. The introduction of 2FA is designed to reduce the ease with which attackers can gain access to accounts.

2 Factor Authentication (2FA)

Once KrisFlyer has implemented 2FA, members will be asked to enter a one-time password (OTP) for certain KrisFlyer transactions. The examples that they have cited include accessing their profiles or making changes to their redemption group nominees.

In order to send the OTP to you, KrisFlyer will use your registered mobile number. However, if that is not available, you will be able to use your registered email address to receive the OTP.

As a result, members are being asked to update their contact information. The steps to do this are:

  1. Log in to your KrisFlyer account
  2. Click on the “Profile” tab
  3. Click on the “Edit” button beside “Personal Details”
  4. Your mobile number and email address can be edited under the “Contact Details” section
  5. Click “Save”

At present, KrisFlyer accounts are protected by a single 6 digit PIN. While better that the Qantas option of a 4 digit PIN, it is quite a weak way of protecting accounts in this day and age.

So, if you have a KrisFlyer account, make sure your contact details are up to date. Otherwise, come June 29, you may have some issues when using the site.


Subscribe to our mailing list and we'll send you our latest updates

* indicates required

About Author

Mark is the founder of FlyStayPoints, and caught the travel bug early in life. He discovered the benefits of travel loyalty programs in 2001, and is always learning how they can make travel better. While work takes him between Perth and Melbourne, he is always plotting his next adventure.