FR
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Register now!

Two factor.....

Go to solution
CountyDownIeUk
Mayor / Maire

‎12-19-2022 08:50 PM

So the two factor description says:

Set up authentication methods that aren’t text based: often, online accounts will require you to set up two-factor-authentication (2FA) for added protection; with 2FA, you need to authenticate yourself with something in addition to your username and password, such as a code that is sent to your device by text. With SIM swap fraud on the rise, you may want to use something other than your phone number for 2FA like an authenticator app or security key.

 

My question.

Other than a text to the number associated to the account, what other options are there?

Labels:
0 Bravos
8 REPLIES 8

Go to solution
John_G1
Great Citizen / Super Citoyen
In response to softech

‎06-30-2023 06:43 AM

The problem with all those alternatives is that they depend on having a working phone - which is a bizarre challenge when one is trying to install Public Mobile in order to HAVE a phone! 

I am trying to set up phone accounts for some Afghan refugees whose phones from Afghanistan simply do not work as phones, so no authenticator codes, no security keys, no text messages ... but they can't log into their existing gmail accounts without being asked for their second factor of authentication... inevitably tied to non-working phones.

0 Bravos

Go to solution
CountyDownIeUk
Mayor / Maire
In response to softech

‎12-19-2022 10:21 PM

To login you just key in your email address and they send you a link, then you find the link in your email, click it and your in. 

0 Bravos

Go to solution
darlicious
Mayor / Maire

‎12-19-2022 10:13 PM - edited ‎12-19-2022 10:14 PM

@CountyDownIeUk 

If it's good enough for my bank then it satisfies my need for security. I have a good memory and I don't choose the obvious questions but rather humour to remember security questions. The same goes for usernames.....combined together it makes it nearly impossible for a "stranger" to access your account and pretty much renders the possession of the phone or Sim card useless to actually access an account using these measures.

 

Public mobile didn't implement 2FA to make our accounts more secure.....in fact it made them less secure from a criminal standpoint and harder to access for customers either suspended or without email access or both?!! Changing to 2FA and adding the ability to reset your 4 digit account PIN # to our self serve accounts made it more convenient for customers who have forgotten their security details and have not done due diligence to have a back up plan for that info.

 

Now the 4 digit account PIN# that is our accounts security key can be reset by anyone with account access. Public Mobile also eliminated another secret verifier when they overhauled the activation portal and removed the birthdate question. That info was inaccessible from the customer side but an important verifier that a customer knows the correct date (unless they lied about their age at activation?!!) when they may not know their email, password or 4 digit account pin # but they know their age/birthday.

 

 

0 Bravos

Go to solution
softech
Oracle
Oracle
In response to CountyDownIeUk

‎12-19-2022 10:03 PM

@CountyDownIeUk   what you meant by "Craigslist/PayPal" option?

 

0 Bravos

Go to solution
CountyDownIeUk
Mayor / Maire

‎12-19-2022 09:44 PM - edited ‎12-19-2022 09:49 PM

Thanks. As long as you have a choice I guess.  But is a PITA when I access my wife’s account when she is not around and our other number is in a device that does not receive texts. 

I guess I will set it back up. 

 

TELUS has a Craigslist/PayPal  like option .... which I don’t use at Telus. 

 

BBD3D430-B899-4CC2-9448-928FCFA08BF9.jpeg

 

TELUS has second factor but there there is no horn tooting about it being there. Which I have not looked at.

 

56273439-67CF-46E8-BC4F-AD5806CDFBB2.jpeg

Go to solution
darlicious
Mayor / Maire

‎12-19-2022 09:22 PM

@CountyDownIeUk 

I'm still mad about pm eliminating the security questions which I think are a far more secure option than 2FA. Anyone who loses their phone is immediately vulnerable to fraud as access to the phone number is the key to access every account with 2FA with the ability to recieve 2FA codes via text and voice call which will allow email access.

 

Having the ability to change your username and use security questions instead of 2FA is a far safer and more secure option and neither requires access to a working phone or a current email.

Go to solution
softech
Oracle
Oracle

‎12-19-2022 08:59 PM

@CountyDownIeUk   email is the only way for My Account

and In PM situation, BOTH email and text are setup for 2FA, you just have a choice to choose where to receive it on that particular addin

 

Yes, it is much safer to use Authenticator app or security key, but all these cost extra for setup on the server side.

But to be fair, I don't think Rogers or Telus or Bell have a choice for Authenticator app or security key either 

0 Bravos
Copyright © 2024 Khoros, LLC
Need Help? Let's chat.