KrisFlyer has sent an email to members advising that it will be introducing two-factor authentication (2FA) from June 29, 2018. The introduction of 2FA is designed to reduce the ease with which attackers can gain access to accounts.
2 Factor Authentication (2FA)
Once KrisFlyer has implemented 2FA, members will be asked to enter a one-time password (OTP) for certain KrisFlyer transactions. The examples that they have cited include accessing their profiles or making changes to their redemption group nominees.
In order to send the OTP to you, KrisFlyer will use your registered mobile number. However, if that is not available, you will be able to use your registered email address to receive the OTP.
As a result, members are being asked to update their contact information. The steps to do this are:
- Log in to your KrisFlyer account
- Click on the “Profile” tab
- Click on the “Edit” button beside “Personal Details”
- Your mobile number and email address can be edited under the “Contact Details” section
- Click “Save”
At present, KrisFlyer accounts are protected by a single 6 digit PIN. While better that the Qantas option of a 4 digit PIN, it is quite a weak way of protecting accounts in this day and age.
So, if you have a KrisFlyer account, make sure your contact details are up to date. Otherwise, come June 29, you may have some issues when using the site.