S
5

Two-factor authentication isn't always the magic bullet people claim

I had to disable 2FA on my work accounts after it locked me out 3 times in one week because my phone died mid-shift during deliveries. The backup codes were in my email which I couldn't access without 2FA too. Has anyone else had this circular nightmare with SMS-based 2FA?
3 comments

Log in to join the discussion

Log In
3 Comments
rileyp49
rileyp4920d ago
Honestly, I used to be one of those people who thought 2FA was the greatest thing since sliced bread. But then I had a similar mess where my phone bricked during a delivery run and I couldn't get into my email for the backup codes. That circular nightmare you described is exactly what happened to me - stuck in a loop of needing 2FA to get the codes but needing the codes to fix the 2FA. It really changed my mind on how fragile some of this security stuff is when your hardware fails at the worst possible moment. Now I keep a printed copy of backup codes in my wallet and another in my truck, but it feels like we shouldn't have to go to those lengths just to avoid getting locked out of our own accounts.
6
xena1
xena120d ago
Whoa hold on @rileyp49, I gotta push back a little here. Tbh, the alternative is way scarier - if 2FA was easy to bypass when your phone dies, it'd be just as easy for someone who stole your phone to get into everything.
7
jamesm48
jamesm4820d ago
Yeah man that circular thing is brutal. I had the exact same problem with my Google account when I was on a job site and my phone got run over by a forklift. Couldn't get into anything for 3 days because the backup codes were in my email and my email needed the backup codes. It's like a dumb riddle that makes you feel real stupid for trying to be secure. Now I got a couple of backup codes taped inside my lunchbox and one in my glovebox but it still feels kinda half assed.
5