SMS verification Code is unnecessary with Mobile App verification

  • 2
  • Idea
  • Updated 6 months ago
  • (Edited)

Is it really useful to get also a SMS verification Code if I have the Mobile Authentification like Google Authenticator in use?
It's rather confusing, becaue the user get 2 verification codes.
If the mobile phone get lost it's almost the same mobile phone with activated SMS verification.
I think a reset like "Forgot Password"-process would be more usefull if a user is "locked-out".

Photo of Bahmueller


  • 3 Posts
  • 0 Reply Likes

Posted 10 months ago

  • 2
Photo of Tyler Abel

Tyler Abel

  • 1 Post
  • 0 Reply Likes
The ability to disable the phone call or SMS verification code and just use an authenticator app would be ideal, otherwise there's not much point of using an authenticator app. 
Photo of Padraig


  • 6 Posts
  • 4 Reply Likes
Agreed - I brought this to Supports attention a month or so ago but didn't really get a realistic answer.

Photo of dungeoncrawl


  • 31 Posts
  • 13 Reply Likes
Not only is it's insecure.  It's like have a vault door (google auth) that allows you access and a screen door (SMS) right beside it.    I spoke to the product manager there and he seemed to have a great grasp of the issues and then started conveying how it's actually more complicated than you think.  That said, he said they were working on it but there was no timeline or real urgency communicated to me.  This is one of our main complaints that we think needs addressed sooner rather than later.