An Information Security Community
[Will present this at local Defcon 414 in December 2015 and post slideshow here]
I have successfully done this over a dozen times - once for my girlfriend on a flight, sending her the credentials via email.
I MUST classify this as a "social engineering" hack despite several modifications to the boarding pass - which seems to be NOT associated with this airline's information other than flight number, date, time, and passenger name. Nobody checks, nor has the ability to check when you board the plane. I admit there is more info on the boarding pass barcode that I cannot figure out, nor will anyone tell me (yet).
I did this on a whim, and it worked. Tried it 11 more flights and 2 for my girlfriend, no problems ever.