More songs about dumb “security” practices

4 Comments

United Airlines has my first name listed as "Jed E." The E is my middle initial, but somehow (probably my mistake at some point) it got listed as part of my first name.

Which finally explains why my boarding passes for United always say "HARTMAN JEDE" and ticket-counter agents have a hard time pronouncing my name.

So I logged in to my United frequent-flyer account to correct this. It turns out that you can't change your name directly on the site. Instead, for easy/obvious name changes (including changes to middle initials), you fill out a web form in which you explain what you want them to change, and they'll change it. (For less obvious name changes, there's more hoops to jump through, including providing legal documentation.)

So I filled in the form last night. (It's their standard send-email-to-Mileage-Plus form.) And today I got an email from a United rep, saying that they'll make the change as soon as I verify my identity by emailing them my home address and telephone number.

Which sorta kinda might possibly make sense (I certainly wouldn't want some Jed Hartman who doesn't have my middle initial to be able to steal my boarding passes), except that to get to the web form, I had to log in to my account and go to the page where I can change my profile information. Including my address and telephone number.

In other words, anyone who can send the request that I sent has access not only to my address and phone number, but also to the ability to change my listed address and phone number. And yet, they require me to tell them my address and phone number before they'll make the change.

Goofy.

I was nice; I refrained from pointing this out to the customer service rep, who was just doing her job, presumably implementing policies laid down by management. But if so, then management is being dumb.

It's possible that there's some way to get to the email form without logging in. But in that case, they ought to have a separate form that you can only send if you're logged in. And, y'know, to send that form, I had to give them my Mileage Plus number, my email address (which they have on file in my account), and my ZIP code. It boggles even my security-paranoid imagination to come up with a scenario in which someone who had access to all that info, and to my email account (to receive and reply to the confirmation email they sent), would somehow benefit illicitly from removing the middle initial from my name in their files.

4 Responses to “More songs about dumb “security” practices”

  1. Jed

    Followup: I sent them my address and phone number, and explained that the real problem was that my middle initial had been attached to my first name.

    I got back a note (from a different rep) asking if I wanted to remove my middle initial, and telling me to go to the website to make that change.

    I wrote back and said that yes I wanted to remove my middle initial, and that this is not a change that can be made on the website, and that I was getting a little frustrated with this process.

    I got back a note from a third rep saying that she would fix the problem as soon as I sent in my address and phone number.

    I had a moment of thinking that must be some kind of a joke. Then I guessed that the third rep either didn’t have access to the ticket’s history (the ticket number appeared prominently in all of these emails), or hadn’t bothered to read back through the history.

    So I sent a rather stiff note requesting that this matter be escalated to a supervisor or someone else who had access to the ticket history, so that I wouldn’t have to keep going around and around on such a simple request.

    We’ll see what happens.

    reply

  2. Kendra

    Irrelevant tangent: My friend J. Given III spent his first year of grad school as J. Giveniii (three times as Italian as a regular person!) for just such a reason.

    reply

  3. Jed

    Hee! I mean, I’m sorry that he had to deal with that, but also amused.

    Also, it provides me with some much-needed perspective: I don’t actually need to spend a lot of time and energy on fixing this problem; it’s not actually hurting anyone, just a minor annoyance a few times a year. So thank you.

    reply

  4. Shmuel

    My sympathy.

    I had a related set of problems, due to having two middle initials; most standardized forms make no provision for that. Sometime around the turn of the century I gave up and stopped using them on any forms or documents, no matter what format or how official. It’s turned out to be the simplest solution all around.

    (I may get around to having them removed from my Social Security card for consistency someday, but so far that one remaining exception hasn’t caused any trouble.)

    reply

Join the Conversation