InterContinental Warsaw
Photograph ©2017 by Brian Cohen.

A Real Password Can Finally Be Used to Protect Your IHG Rewards Club Account

The frequent travel loyalty programs of most companies have converted the process of accessing a membership account from using a personal identification number of only four digits to using an actual password with mixed characters in order to increase security and mitigate the possibility of having membership accounts accessed by unauthorized people…

A Real Password Can Finally Be Used to Protect Your IHG Rewards Club Account

…and one notable exception had been IHG Rewards Club, which had its members use personal identification numbers with only four digits to access their membership accounts and were thus theoretically more likely susceptible to data breaches — until recently.

Members of IHG Rewards Club may now better protect their accounts by using actual passwords with at least eight characters — including at least three of the following four criteria:

  • Capital letter
  • Lower case letter
  • Number
  • Special character
Source: IHG Rewards Club.

You will then be automatically logged out and asked to log back in with your new password.

New members will be required to have passwords when creating new membership accounts; while existing members will have a choice of whether or not to change from a personal identification number to a password.

At the time this article was written, no time frame has been revealed as to when — or if — the personal identification number option will eventually be eliminated.

Data Breaches are Unfortunately Rather Common

Passwords are significantly more secure than personal identification numbers — especially those which comprise of only four digits — because they are inherently more difficult to crack or breach by nefarious individuals who seek to steal your miles or points…

…or even worse: steal your identity by accessing your personal data and information.

Unfortunately, even complex passwords are not foolproof against breaches.

Although I have written extensively about data breaches which compromise your personal information — as well as the miles and points which you have worked so hard to earn over the years — the following articles do not even come close to documenting all of the data breaches solely within the travel industry, as no frequent travel loyalty program appears to be immune or completely secure:

How to Protect Yourself From Unauthorized Breaches

Log into each of your frequent travel loyalty program membership accounts and update your user name; password; security questions and answers, if any; and your verbal password, if one is required.

Also ensure that all of your contact information — including your postal mail address, telephone number and e-mail address — is correct.

Additionally, take the following recommended proper precautions to help secure against unauthorized access to any of your frequent travel loyalty program membership accounts:

  • Do not use your e-mail address as your identification to log into your account.
  • Use a complex password and regularly update it.
  • Use different log in credentials with each Internet web sites.
  • Always check your membership accounts on a regular basis.
  • Promptly report any potential suspicious activity to a representative of the frequent travel loyalty program.


When your own frequent traveler loyalty program membership account is compromised, the statistics of whether or not others have experienced similar issues is irrelevant. I should know — my Starwood Preferred Guest membership account was compromised back on Friday, January 16, 2015. Not only were all of the Starpoints wiped out; but I could not even access my membership account because the password was changed.

Fortunately, you are almost guaranteed to have your miles or points replenished in your membership account if it has indeed been compromised — as had eventually happened to me with my Starpoints.

The switch from personal identification numbers to passwords is both long overdue and a thankful move by the IHG Rewards Club frequent guest loyalty program, as I have been advocating for it in numerous articles for years; and although the personal identification number method is still in effect, I switched to a custom password — and you should strongly consider doing the same thing.

I already change my four-digit personal identification number to a real password; and the process consumed only a couple of minutes of my time at the most.

Photograph ©2017 by Brian Cohen.

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!