Update 9:15am Eastern: Hilton hasn’t gotten their IT ready for this, which may tell you something about the underlying problem… don’t change your password yet, it won’t ‘count’.
Just wanted to share a quick update. This change has not taken effect yet due to a technical issue on our end, so please tell your readers to hold on changing their passwords for right now. We apologize for the confusion; we shared this update yesterday because we wanted members to be the first to know about this change and the Bonus Points! I will share updates with you as soon as I receive them.
United, American, and Hilton all suffered recent data breaches. Indeed, Hilton points have been among the most available for sale on the DarkNet. Starwood was hacked, too.
Hilton accounts have long used 4-digit PIN numbers. That’s not a lot of unique combinations, and Hilton has decided that’s not secure enough. Hilton reached out yesterday to let me know that they’re moving to passwords.
- PIN numbers won’t work after March 25.
- Members will need to update their password.
- If you update your password early, though, you’ll get points — 1000 points if you update your password between today and March 8.
Today, to ensure maximum security, Hilton announced that the login process for all Hilton HHonors members is being updated. PIN numbers will no longer be accepted and members will have until March 25, 2015, to create a new password or update their existing password. Members that update their password between February 19 and by March 8, 2015, will be awarded 1,000 Bonus Points as a thank you. Updating passwords today won’t make a difference as the change must happen on or after February 19, 2015.
This update will continue to protect the privacy of HHonors members while also allowing Hilton to make accounts more secure as the hospitality industry and loyalty programs are seeing an increased number of security incidents. While we know this is an added measure for our HHonors members, it will help us ensure their accounts are more secure.
Years ago Hilton used to give you 2000 points for updating your e-mail address. You could earn the points once per quarter. So that was 8000 free points each year for swapping email addresses back and forth in your account.
Elephant from the Conrad Bangkok which once offered its Presidential Suite for $51
Given the costs of hacking that Hilton is incurring, I’d think awarding 2000 points a quarter for members to change their passwords could be reasonable.. Interestingly, 2000 Hilton points doesn’t go nearly as far in 2015 as they did in 2002. And yet they’re only giving 1000 points for updating a password.
But you’re going to need to do it anyway, and points are points.
I just tried to change the password but the system said on 4 digit numbers are allowed.
Finally (well not quite yet, but when updated) finally! The reliance on pin’s has been frustrating. Then it will be time to update iphone, ipad, awardwallet, roboform, chrome memorized pw … a pain but worth it.
Yeah, Hilton HHonors should have moved away from 4-digit PINs years ago! At least they also already have passwords in the system (and have had that feature for YEARS).
Now, when is IHG going to catch on that PINs are insecure and that they should move to passwords???
Hilton’s IT was bad enough before, but the idea that they would actually roll this our prematurely (i.e., before it was properly tested and working)? It would be funny if it weren’t so infuriating.
Did Hilton give a date on when the promotion will be ready?
Is this now working properly?
Is this live yet?
So, still nothing?
Any news on this ?