Re: New important information for AARP Rewards – V... - Page 2

ef3487 · ‎12-12-2019

Since I don't seem to be able to reply to the other thread that was posted, I guess I have to start a new one.

No doubt I'm in the minority here, but with limited texts on my plan, why would I want to do a phone verification each time I log into AARP Rewards? There hasn't been anything there that I would be interested in anyway.

Thanks so much for keeping my account safe.

ralmon · ‎12-23-2019

@mi4090

😀

And a wonderful Holiday and New Year to you too, Marylin

Cheers,

Ray

mi4090 · ‎12-24-2019

@ralmon

Ray same to you and your family.

Happy Christmas Eve,

Marylin

AARPCaroline · ‎12-23-2019

@ralmon There has not been a breach at AARP. This is about confirming your identity to protect your account and also to make sure people don't have multiple AARP Rewards accounts -- so both.

AARP Community Manager

ralmon · ‎12-23-2019

@AARPCaroline

Well, I'm glad to hear there hasn't been a breach. However, I would like to stop going in circles about how this is supposed to address the 2 issues:

(1) protecting my account

A one-time text/call to an arbitrary phone number given on some web form is not a proper authentication of anything. A malicious person can enter anything there. If they borrowed a friend's phone, or bought a cheap pre-paid, it would not prove identity.

(2) preventing multiple accounts

Pretty much the same issue. Again, the borrowed/purchased phone applies here. Not a secure authentication. Checking for accounts being accessed from the same internet location is a first better check, although it can be avoided with a VPN.

If a secure authentication has to be done on a one-time basis, it must deal with more information than just some phone number! If AARP is truly concerned about securing accounts, there should be an option for modern mechanisms, such as 2-factor authentication AT EACH LOGIN.

Please have someone provide a better description of how this is supposed to be secure with the one-time phone text/call. I'll gladly talk to them offline about the situation. Just don't talk about security then do virtually nothing.

@AARPCaroline - Sorry for the long rant, stuff like this just gets my goat. Maybe its due to the work I'm in.

Cheers,

Ray

sjean65 · ‎12-22-2019

so i cannot participate in aarp rewards without a mobile phone?

gm5271 · ‎12-12-2019

@ef3487

Hey EF

Based on my assumption this would only be done one time not each time you sign in therefore only 1 text be sent to you usually most plans offer unlimited received texts only limit ones you send & this verification doesn't require you send a text only receive one. Hope this helps

I also made assumption was verification of my Rewards Community account but rereading Teri's post reckon for AARP Rewards Page honestly not sure which

Also about locking topics they started this new fashion of posting when they believe it'll be a "Hot" topic getting lots of reactions to their post they lock topic so no one can reply their thoughts.... just read information they post They didn't use to do that but do now

Good luck getting verified I did it put in # got text with code & entered fairly simple

but really I'm not sure why necessary to do to know who we are ??? Possibly they are linking our Rewards account to phone number instead of name ??

No idea

@AARPTeri Teri can you further explain why this is necessary? Thanks

Ginger ; )