QF trialling two-factor authentication for QFF accounts

[sudoer]

Interesting , hadn't considered this. I do have Award Wallet membership, so perhaps this is it?

Yep, that'll be it.

QFF and Award Wallet
Qantas Verification Code SMSes

Any 3rd party service which retrieves data from your QFF account is logging into the web interface and scraping it so will trigger 2FA codes. As far as I know QFF don't have a publicly available API (probably for the best given their track record on IT)

 

[zig]

Yep, that'll be it.

QFF and Award Wallet
Qantas Verification Code SMSes

Any 3rd party service which retrieves data from your QFF account is logging into the web interface and scraping it so will trigger 2FA codes. As far as I know QFF don't have a publicly available API (probably for the best given their track record on IT)

Thanks, I had missed those threads. I will disable QFF in Award Wallet.

 

[cwd]

So i was browsing around my QFF today when i went in to see my personal details.
It said i needed to enter an SMS code before proceeding. I waited a minute and no SMS arrived with the counter counting down from 10 minutes.
I looked closer and the number it sent to is +610xx_xx_xx1. Realised why im never going to get into that section.

If you're referring to the 0 that shouldn't be there, I just tried on my account, it had the additional 0 there, but I got the SMS straight away. So that's not necessarily the issue.

 

[coriander]

If you're referring to the 0 that shouldn't be there, I just tried on my account, it had the additional 0 there, but I got the SMS straight away.

Me too .Got the SMS immediately, inputted number then app said "logging in" for about 5 min. Closed app, reopened and I was logged in.

 

[Sdtravel]

I dont use award wallet.
I did get the sms eventually, but it wasnt straightaway. It was minutes and i had given up waiting by then.
If fact i had already posted my message on AFF and moved on with life. While it does say it could take up to 10 minutes to be received it could have been within that but thats still a long wait

 

[Pushka]

I haven't had to dual authenticate for over 6 weeks now. I wonder if they've stopped it?

 

[Hvr]

I haven't had to dual authenticate for over 6 weeks now. I wonder if they've stopped it?

Not for me, I had to do it last night.

However, if I log in again using the same browser with "cookies" still in place I don't have to reauthenticate. When I clean the browser (CCleaner is good) then I have to reauthenticate.

 

[Pushka]

Not for me, I had to do it last night.

However, if I log in again using the same browser with "cookies" still in place I don't have to reauthenticate. When I clean the browser (CCleaner is good) then I have to reauthenticate.

I'll see what happens when I do a clean out. I use CCleaner too. But in the past I've always had to use the dual log in without cleaning.

 

[Pushka]

I'll see what happens when I do a clean out. I use CCleaner too. But in the past I've always had to use the dual log in without cleaning.

Bah Humbug, its back.

 

[bcworld]

Re Award Wallet and 2FA. My partner has started receiving sometimes several QF SMS per day...this stops when the account is disabled in Award Wallet. What I don't understand though is that the QF balance etc. does successfully update when it is enabled...despite the 2FA messages.

 

[Scott K]

My Yahoo mail has 2FA when used from a new Internet address. I can choose to receive an SMS code or a code via another email address.

Works for me.

My experience with using email authentication is very hit and miss. Mostly miss. Frequently I have had emails for logins turn up a day later, and sometimes never at all. And yes, I have checked my junk mail. This doesn't seem different on different email systems either. I get the same issue with my work email (exchange server), my Gmail, and my iCloud account.

 

[Pushka]

My experience with using email authentication is very hit and miss. Mostly miss. Frequently I have had emails for logins turn up a day later, and sometimes never at all. And yes, I have checked my junk mail. This doesn't seem different on different email systems either. I get the same issue with my work email (exchange server), my Gmail, and my iCloud account.

Yesterday I had to get email authentication as I just wanted to check my Super balance. I just wanted to quickly check then move on. Nup. Email didn’t arrive after 5 minutes. So clicked ‘send again’. Then an email came in finally. Clicked on it. Nup. It was the first email and no longer valid.

I’ve also had Qantas SMS failure and this frequently occurs when overseas - when of course you might need to log in.

 

[JohnK]

I received my first authentication email on Monday. Painless exercise.

Sad that I know more than the person on chat and I let them know that too but probably just ignore the feedback anyway.

 

[Pushka]

I received my first authentication email on Monday. Painless exercise.

Sad that I know more than the person on chat and I let them know that too but probably just ignore the feedback anyway.

It’s usually a text or answer the questions. Never received an email from Qantas.

 

[JohnK]

It’s usually a text or answer the questions. Never received an email from Qantas.

Surprised me too. I guess the questions were not an option as I was on chat.

 

[Mattg]

The Qantas Frequent Flyer newsletter that I received today had this at the bottom:

New two-step verification process
Prepare for upcoming security changes by checking your account details are up-to-date.

Does this mean that two-factor authentication will soon be fully implemented on all Qantas accounts? There's no further information in the email and clicking on the link takes you nowhere.

 

[JessicaTam]

The Qantas Frequent Flyer newsletter that I received today had this at the bottom:



Does this mean that two-factor authentication will soon be fully implemented on all Qantas accounts? There's no further information in the email and clicking on the link takes you nowhere.

I don't log into QF.com very often these days, but when I did last week I had to input the code sent by txt. I had not signed up for 2FA.

 

[AustraliaPoochie]

Probably a very good idea to do 2FA to avert the opportunity of points being illegally used for rewards by others.
Granted that for those who are overseas roaming will suck up phone credits fast, or build up quite a sum of costs in opening sms while overseas, or using overseas sim credits if you succeed in giving QFF an overseas mobile phone number.

 

[JessicaTam]

Probably a very good idea to do 2FA to avert the opportunity of points being illegally used for rewards by others.
Granted that for those who are overseas roaming will suck up phone credits fast, or build up quite a sum of costs in opening sms while overseas, or using overseas sim credits if you succeed in giving QFF an overseas mobile phone number.

I don't think I have ever been charged for receiving texts o/s, just sending them.

 

[AustraliaPoochie]

Yesterday I had to get email authentication as I just wanted to check my Super balance. I just wanted to quickly check then move on. Nup. Email didn’t arrive after 5 minutes. So clicked ‘send again’. Then an email came in finally. Clicked on it. Nup. It was the first email and no longer valid.

I’ve also had Qantas SMS failure and this frequently occurs when overseas - when of course you might need to log in.

If you log into your my.gov.au website, and link ATO, you can see your super balance, and also your pay or wages and tax that has been deducted from employment yet/s.