Locked out of AGR account again

Advertise with us
shop deals on amazon
Shop deals on ebay
Amtrak Unlimited Discussion Forum

Help Support Amtrak Unlimited Discussion Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
M

MARC Rider

Robber Baron
AU Supporting Member
Joined
Apr 5, 2011
Messages
6,123
Location
Baltimore. MD
What's going on? I had this problem last month, and I called AGR, they were very apologetic, but the agent on the phone said she couldn't fix the problem, she'd have to write a ticket for the software crew to handle the next day (I was calling in the evening.) I eventually got in, but I did change my password, and when I went to check my balance this evening, I was notified that I was locked out again. I appreciate the concern for my online security, but if I can't log into my account, what good is it to me?

And they are telling us there will be no problems when we have fully networked self-driving cars! :( If that tech works as well as most the tech I use, I expect to be locked out of my car most of the time and will have to call the help desk, and (maybe) have the car working the next day.
 
Last edited by a moderator:
Some of us have looked at some of the REST interfaces that likes of Tesla provide for access over the internet. They are at best poorly designed by amateurs and are not that difficult to hijack, unfortunately. Hopefully things will improve over time. But security in IoT networking is pretty poor at present. The recent DDoS attack is proof positive about how poor things are.
 
I can log in, but then I can't get to the page to buy some points.

"Error: Something went wrong"

Why do I have to log in again to buy points.

So last night I tried to reset my password, and that also didn't work.

I've sent AGR an email regarding my issues.
 
I was able to reset my password, but still no access to the Buy Points page.

Got an email back from AGR. They wanted to know what OS and browser I use - Windows 10 Ver: 1607, and Chrome.
 
jis said:
Some of us have looked at some of the REST interfaces that likes of Tesla provide for access over the internet. They are at best poorly designed by amateurs and are not that difficult to hijack, unfortunately. Hopefully things will improve over time. But security in IoT networking is pretty poor at present. The recent DDoS attack is proof positive about how poor things are.
Click to expand...
IoT security has been a sad joke from day one. Nobody wanted to admit it but anybody with even a minor understanding of network security knew the IoT revolution was destined to become an unmitigated disaster. Millions of idle plug and play network devices with brief production runs and extremely limited support windows that were expected to remain online for years at a time?

The real solution isn't technical so much as legal. The penalty for designing/manufacturing/distributing/selling poorly protected/supported IoT devices has to be painful enough that it vastly outweighs the desire to simply ignore it. The nature of IoT devices requires that they have especially robust security protection and recovery measures. Unfortunately the reality of the situation is that they have some of the weakest and most easily defeated protections the internet has ever seen.
 
I will say that Tesla is using significantly better security protocols than the vast majority of internet-of-things implementations. Still not as secure or robust as I want, but not "casual hacker can crack everything at once trivially" level, like most of 'em.
 
neroden said:
I will say that Tesla is using significantly better security protocols than the vast majority of internet-of-things implementations. Still not as secure or robust as I want, but not "casual hacker can crack everything at once trivially" level, like most of 'em.
Click to expand...
I agree. They certainly do not have n administrative login with the password "admin" frozen in firmware for anyone to use as their hack port :) There is a Chinese outfit that has many millions of devices out with this unique feature and they have no way to withdraw them either. Those are the ones being used in the DDoS attacks. Some say that it is perhaps intentional and not an accident. ;)
 
I got an email from AGR today regarding not being able to log in to the Buy Points For Yourself page to buy AGR points.

We are currently experiencing technical difficulties with our partner, Points.com. We are aware of the problem and are currently working to resolve this issue.
Click to expand...
 
I don't have much interest in buying points at a higher price than the redemption rate but I can't get into that area of the AGR web page even if I wanted to buy them. The password gets me into AGR but not into the Buy points section. Buying points is a losing proposition but if they ever go with the 50% bonus I may buy some points again to make up shortages. As it is now I am locked out but really don't care.
 
I had that problem too - until I enabled 3rd party cookies in my browser.

With 3rd party cookies disabled I could not get to the points buying page.
 
Last edited by a moderator:
Not being able to purchase points is definitely a cookie problem. Once you've enabled cookies (you may need to also clear old cookies) you should be all set.
 

Latest posts

Back
Top