Maximise your Avios, air miles and hotel points

Heathrow Rewards is back online

Links on Head for Points may support the site by paying a commission.  See here for all partner links.

The Heathrow Rewards website had been down for a few weeks with no way for members to access their account. Last week, a slightly cryptic email was sent to members which implied that a data breach had taken place.

The website is now back and you can access your balance, but there are new security policies in place.

Heathrow Rewards website is working again

How has Heathrow Rewards changed its security?

Go to the Heathrow Rewards website here and log in via the head profile in the top right corner.

As well as your email address and password, you will need your Heathrow Rewards card number.

When you attempt to log in, you will need to set a new 12 character password. This is a more complicated process than necessary, requiring you to use a link which is emailed to you.

The good news is that, once you have got through all this messing around, you will be able to get back into your account again.

Comments (24)

This article is closed to new comments. Feel free to ask your question in the HfP forums.

  • Phillip says:

    Having updated my password, I can still see all the airline redemption options as of this morning.

    • Chas says:

      Like you, I can still see the airline redemption options too.

    • Cats are best says:

      Same here,.

      But there’s a qualifier on each one saying “Until 31/12/2021”, presumably that’s when they end or some other change happens.

      • Phillip says:

        It was the same last year. Last December it said “Until 31/12/2020” and then rolled over the following day.

  • Lynsey says:

    Do you think with less redemption options it’s less likely they will do a promotion on converting into shopping vouchers, had been holding off for one (that and the fact I’ve barely been in Heathrow in the last year)

  • BJ says:

    Wonder if I can finally get rid of my M&M miles.

  • Lynsey says:

    I can’t even log in this morning, they’ve always only ever wanted card number and password never an email address, I have tried both my current email address and an older one that I may have signed up with but both say that the details are wrong, I have done forgotten password (even though I know the password is correct) for both email addresses. Anyone else having problems?

    • Chas says:

      I had problems changing my password once I had successfully logged in. The password rules are clear (at least 12 characters, etc, etc), but I could only get it to work if my new password was exactly 12 characters….

      Even once I’d then successfully changed it, I was unable to log in for a while due to what turned out to be a formatting issue with the card number – despite it being displayed with spaces, it would only work for me if I removed the spaces. Hope that helps.

      • Bagoly says:

        Programmers are fallible, and testing is cut to save costs…
        if len(password) 12 instead of if len(password) < 12

        Similarly when setting up a new account yesterday, repeatedly told me that "email address has been used already" but it turned out that it meant "username has been used already".

        • Doug M says:

          Not testing enough to get basics right is crap. Incidentally I’m not sure the password issue is length, I think it may relate to special characters on their list not being accepted.

          • Chas says:

            Maybe I got lucky then that my newly generated password of exactly 12 characters also omitted some special characters which weren’t allowed. Either way, it was a far from seamless process.

      • Andrew says:

        My 15 digit password worked just fine.

        • Doug M says:

          Yes I was able to set a 15 character password eventually. Still won’t let me login though.

      • MrHandBaggageOnly says:

        Thank you for this! I was about to get really grumpy with Heathrow Rewards as I could not log in once I’d reset the password, then read this, deleted the spaces on the card number and was in straight away.

  • Pete M says:

    Now they should allow us to claim back the points we were not awarded during the shut down!

    • Save East Coast Rewards says:

      If you’ve kept the receipts then they will!

  • Muhammad Abdullah says:

    I’ve got £100, considering M&M because I don’t see myself buying anything at LHR these days given no more duty free

    • bafan says:

      I bought some Chanel a couple of weeks ago from WDF and it was still the same price as before, so I guess they are taking the hit for now.

  • Mr. AC says:

    … One day late, had to cash out my expiring M&M points yesterday into an Amazon gift card at a much worse rate… Oh well, you win some, you lose some. Glad Heathrow rewards are back at all.

  • CarpalTravel says:

    Hold on, if there has been a data breach isn’t it their responsibility to notify people potentially impacted in a timely manner, without delay? If this is the case it sounds like they have failed there too.

    Pretty sure I heard that during a moment of consciousness, during my GDPR training….

This article is closed to new comments. Feel free to ask your question in the HfP forums.

The UK's biggest frequent flyer website uses cookies, which you can block via your browser settings. Continuing implies your consent to this policy. Our privacy policy is here.