Reward points are simply another form of currency. As such, our SWA accounts and online account security should be treated similarly to our bank accounts. In today's world, passwords are simply insufficient for securing access.
Given this fact and the problem with hackers accessing customer SWA Rapid Reward accounts and stealing RR points, my hope would be that SWA would implement and require multifactor authentication for RR account login, point redemption, email/password/address change requests, etc.
While MFA is not a magic-bullet for stopping all hacking, it has been proven to dramatically reduce it.
Finally friends, don't be part of the problem and the 61% of people who reuse passwords across personal and work accounts. Doing so is essentially just begging hackers to hack your accounts. Use a password manager like Dashlane to provide extremely difficult and unique passwords for all of your accounts. A password manager also allows you to easily and regularly change your password -- which I now suggest doing every 60 days for sensitive accounts.
Thank you in advance, SWA, for improving the security for your RR members and their accounts.
