Recently, I booked a hotel ticket to celebrate dad’s 56th birthday through makemytrip as a gift to my parents. Thankfully registration was optional. I selected a hotel and the room and paid applicable charges and a voucher was sent to my email Id.
All seemed good until I received a strange email along with the voucher in my registered inbox
An email from makemytrip that contained my email I’d and a password. I couldn’t resist to ask myself, Is this a forced customer acquisition?. My imagination went to a spin and here are my stupid thoughts:
Is this legal?
can a disgruntled employee of makemytrip misuse my account?
Why not take a permission before account creation.
Is this spam, cause I just expected a hotel voucher?
Can this be a hack attempt to retrieve the credit card details when I log using the password sent?
Can I write about this on my blog (btw I just did that)?
With a hope that email is genuine I bravely logged in and was able to browse my account
Wait a second, here is another catch. Makemytrip did not forced me to change my password when I first logged in. That’s scary right?
Now does this entire process improves user experience, irritate a customer or maybe compromise potential security aspects.
I leave this question to the audience.