Journey with Confidence RV GPS App RV Trip Planner RV LIFE Campground Reviews RV Maintenance Take a Speed Test Free 7 Day Trial ×
 
 


Reply
 
Thread Tools Display Modes
 
Old 04-14-2022, 01:46 PM   #1
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default Security verification codes

I think we all have gotten used to the two level verification codes at login for high security sites like banks, phone, utilities, etc so accounts can't be hacked as easily. The norm is to get a number code by text to type in to get past the second step verification.


Today, I got an email from Verizon, which looked OK per the address and details, that offered a "special" trade in on our phones. I get these very regularly and they normally just go to program page and explain why it really isn't as great as they implied. This time it did similar, but wouldn't give details unless logged in so they knew the plan and phone information.



Did the normal login of phone number and password on the Verizon site and it wanted to send verification text, so do the OK as always. Phone beeps and text is there from a 899000 identification number and is flagged by the phone as never before having received and maybe suspicious. The text itself did not give a number code, just a link, which never would I ever click as it violates all the safe use security information we have been given for years about links in texts to "confirm" things.


I couldn't get into my account on the PC, but my phone did get through and Verizon sent a number code to it. I got customer service and explained what had happened and asked if it was a bogus email and link. They said no and that it was from them and safe, including the text link. The only thing they said was that the link was not a hazard and could not be hacked or duplicated by bad players. Yeah, right.


I asked 14 times to have a fraud department representative contact me and explain how I should trust what we have been so often told not to trust and they refused to do that.


I now can't get into my account on the PC anymore unless I click the link, which I really don't feel comfortable doing. The last thing I need is to get comfortable doing stuff like that as it opens up the chance of error. Same with DW.


Will the phone follow that style soon? They told me they use both types of verification wherever they want, so maybe. Then I would be totally locked out of my account.


Give me a reality check, please.


Would anyone concerned about security click that email link????? Or is it just me?
booster is offline   Reply With Quote
Old 04-14-2022, 02:22 PM   #2
Platinum Member
 
folivier's Avatar
 
Join Date: Dec 2021
Location: Louisiana and Colorado
Posts: 131
Default

Not just you. I never click on any link in an email. And very few from forums unless the person is a regular user, even though that could be spoofed.
__________________
Enjoying life at our Colorado cabin
2011 Roadtrek C210P
RZR 570, Ranger 1000
Previously: 1999 36' Foretravel, 1998 Newell, 1993 Newell
folivier is offline   Reply With Quote
Old 04-14-2022, 03:20 PM   #3
Platinum Member
 
Join Date: Nov 2014
Location: PHX, AZ
Posts: 2,648
Default

corporations can be lazy and trade our security for their expediency


I'm not the trusting type.


if you have something you need to do with verizon, stop by one of their corporate owned stores




I use the password logger lastpass.com


it allows me to create unique and complicated passwords for various websites and need to remember only my master password ( over 15 characters )


I don't allow my iphone or browser to "remember" passwords for me


it works (so far)






mike
mkguitar is offline   Reply With Quote
Old 04-14-2022, 03:35 PM   #4
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default

Quote:
Originally Posted by mkguitar View Post
corporations can be lazy and trade our security for their expediency


I'm not the trusting type.


if you have something you need to do with verizon, stop by one of their corporate owned stores




I use the password logger lastpass.com


it allows me to create unique and complicated passwords for various websites and need to remember only my master password ( over 15 characters )


I don't allow my iphone or browser to "remember" passwords for me


it works (so far)






mike

Does lastpass somehow prevent the sites from using two step verifications or do you still get phone second step texts or emails?
booster is offline   Reply With Quote
Old 04-14-2022, 05:15 PM   #5
Platinum Member
 
Join Date: May 2018
Location: California
Posts: 330
Default Yes, That Makes Me Nervous

Quote:
Originally Posted by booster View Post
The text itself did not give a number code, just a link, which never would I ever click as it violates all the safe use security information we have been given for years about links in texts to "confirm" things.

Would anyone concerned about security click that email link????? Or is it just me?
Sending the code, not a link to get the code, is sufficient for two-factor authentication. I'd be concerned, too.
rvsprinterguy is offline   Reply With Quote
Old 04-14-2022, 06:39 PM   #6
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default

Quote:
Originally Posted by rvsprinterguy View Post
Sending the code, not a link to get the code, is sufficient for two-factor authentication. I'd be concerned, too.

Yeah, and from what they said the link was not even to get the code, so all the marbles on being a legit link.
booster is offline   Reply With Quote
Old 04-14-2022, 09:18 PM   #7
Platinum Member
 
Davydd's Avatar
 
Join Date: Aug 2007
Location: Minnesota
Posts: 5,964
Default

The two step process I am encountering is when I sign on with my computer they send a usually 6 number verification code text message on my cell phone and then I take that code and type it in on my computer. So I don't use my cell phone other than to receive.
__________________
Davydd
2021 Advanced RV 144 custom Sprinter
2015 Advanced RV Extended body Sprinter
2011 Great West Van Legend Sprinter
2005 Pleasure-way Plateau TS Sprinter
Davydd is offline   Reply With Quote
Old 04-14-2022, 09:23 PM   #8
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default

Quote:
Originally Posted by Davydd View Post
The two step process I am encountering is when I sign on with my computer they send a usually 6 number verification code text message on my cell phone and then I take that code and type it in on my computer. So I don't use my cell phone other than to receive.

That is the standard way it has been done by most places, but Verizon seems to want other.


The question was/is, would just click on a link on your phone instead instead of going the site and putting in the code? Would you trust it to be legitimate?
booster is offline   Reply With Quote
Old 04-14-2022, 09:58 PM   #9
Bud
Platinum Member
 
Join Date: May 2016
Location: LA
Posts: 1,529
Default

Quote:
Originally Posted by booster View Post
That is the standard way it has been done by most places, but Verizon seems to want other.


The question was/is, would just click on a link on your phone instead instead of going the site and putting in the code? Would you trust it to be legitimate?
booster, without typing much:

The text you received would have sent you ultimately to the same place with a 'code' or 'link', right?

Bud
Bud is online now   Reply With Quote
Old 04-14-2022, 10:12 PM   #10
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default

Quote:
Originally Posted by Bud View Post
booster, without typing much:

The text you received would have sent you ultimately to the same place with a 'code' or 'link', right?

Bud

That is what they told me when I contacted Verizon, more or less. Basically it would just get the login finished on the PC when clicked, but I didn't do that.


How many times have we all been told not to click links in texts and emails unless absolutely sure of their validity. This text had been flagged as suspicious by the phone and said it was the first contact from that text source. No way I would open it based on the above.
booster is offline   Reply With Quote
Old 04-14-2022, 10:26 PM   #11
Bud
Platinum Member
 
Join Date: May 2016
Location: LA
Posts: 1,529
Default

Quote:
Originally Posted by booster View Post
That is what they told me when I contacted Verizon, more or less. Basically it would just get the login finished on the PC when clicked, but I didn't do that.


How many times have we all been told not to click links in texts and emails unless absolutely sure of their validity. This text had been flagged as suspicious by the phone and said it was the first contact from that text source. No way I would open it based on the above.
Darn, Darn, Darn, I forgot to ask just that along with what I posted, intended too:

What if you had not had the phone flag it?

My head is starting to hurt thinking about it, but interesting.

Bud
Bud is online now   Reply With Quote
Old 04-14-2022, 10:47 PM   #12
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default

Quote:
Originally Posted by Bud View Post
Darn, Darn, Darn, I forgot to ask just that along with what I posted, intended too:

What if you had not had the phone flag it?

My head is starting to hurt thinking about it, but interesting.

Bud

Considering that the original link to one of Verizon's often put out "great deals" was on an email, I seriously think that there is probably no way I would have opened the link. If I had gone to the Verizon site on my own, and they said the verification would be a link, I might have considered it, but they said they would send a "code".
booster is offline   Reply With Quote
Old 04-14-2022, 11:06 PM   #13
Bud
Platinum Member
 
Join Date: May 2016
Location: LA
Posts: 1,529
Default

Quote:
Originally Posted by booster View Post
Considering that the original link to one of Verizon's often put out "great deals" was on an email, I seriously think that there is probably no way I would have opened the link. If I had gone to the Verizon site on my own, and they said the verification would be a link, I might have considered it, but they said they would send a "code".
Agree, Verizon used the word, term 'code'.

So the Obvious questions is, what if 'link' had been used?

Bud
Bud is online now   Reply With Quote
Old 04-14-2022, 11:21 PM   #14
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default

Quote:
Originally Posted by Bud View Post
Agree, Verizon used the word, term 'code'.

So the Obvious questions is, what if 'link' had been used?

Bud

As I said, they told me it would allow the login to finish and wanted me to do it, but I refused. When a customer service rep in who knows what country says "trust me" I immediately don't, in general.
booster is offline   Reply With Quote
Old 04-14-2022, 11:28 PM   #15
Bud
Platinum Member
 
Join Date: May 2016
Location: LA
Posts: 1,529
Default

Quote:
Originally Posted by booster View Post
As I said, they told me it would allow the login to finish and wanted me to do it, but I refused. When a customer service rep in who knows what country says "trust me" I immediately don't, in general.
Me too, squared.

And Me again, I have Verizon and am wondering how I would have responded. I've had links in texts but just don't recall much.

Your take is risk free or virtually so. Thanks for posting.

Bud
Bud is online now   Reply With Quote
Old 04-29-2022, 05:56 PM   #16
New Member
 
Join Date: Apr 2022
Location: USA Chicago
Posts: 1
Default

I don't like to leave my phone number on sites new to me during registration. The only sites where I've enabled two-factor authentication are social networks, as well as Google and Yahoo emails. These sites are important to me, and I really don't want my accounts hacked on them. But on other services, I prefer to use a fake phone number generator, which gives me complete anonymity and protection from SMS spammers. I've always been annoyed by annoying SMS messages in which they offer me to buy some irrelevant product like another washing machine. I think you understand these words. Try taking the fake number next time, too.
harrisonsandoval is offline   Reply With Quote
Old 04-29-2022, 06:23 PM   #17
New Member
 
Join Date: Apr 2022
Location: Ilkeston
Posts: 1
Default

Do they map a fake number to your actual mobile number?
unbrakochaz is offline   Reply With Quote
Old 06-06-2022, 06:36 PM   #18
New Member
 
Join Date: Jun 2022
Location: UK
Posts: 1
Default

Good point Chaz - shame you didn't get a reply
holbrookged is offline   Reply With Quote
Old 06-08-2022, 01:02 AM   #19
Platinum Member
 
Join Date: Jun 2020
Location: MA
Posts: 178
Default

Verizon changed their two-factor authentication from just sending a text message to sending a text message with a link you have to click.

There are a number of possible reasons why they might have made this change but the one that seems most likely to me is that they are trying to make it inconvenient so that you will use their app. Their app has tracking software in it that gives them data they can use in a variety of ways.
jakegw2 is offline   Reply With Quote
Old 06-08-2022, 12:06 PM   #20
Platinum Member
 
Join Date: Aug 2010
Location: Minnesota
Posts: 11,917
Default

Quote:
Originally Posted by jakegw2 View Post
Verizon changed their two-factor authentication from just sending a text message to sending a text message with a link you have to click.

There are a number of possible reasons why they might have made this change but the one that seems most likely to me is that they are trying to make it inconvenient so that you will use their app. Their app has tracking software in it that gives them data they can use in a variety of ways.

Yep, but we have been told for many years to never click a link in an email, especially if it is anything to do with security. Some of those links come from a third party service provider so they don't even look like they came from the place you are signing in to.
booster is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


» Featured Campgrounds

Reviews provided by

Powered by vBadvanced CMPS v3.2.3

All times are GMT. The time now is 09:59 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2024, vBulletin Solutions, Inc.