Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

Has anyone received one of these?

This site may earn commission on affiliate links.
Yachtsman

Yachtsman

Member
Sep 5, 2020
486
272
Staffordshire
#1
I’ve just received an email with the following content. It looks like it’s written on a plain piece of paper ie not heading etc.
It looks very suspicious to me so I’m ignoring it & wondered whether anyone else had received anything similar.
I’ve copied the whole content.

We recommend always using a secondary form of verification for signing in to your Tesla Account.​
If you haven't already, add a layer of security with multi-factor authentication. Once set up, you'll be required to enter your Tesla Account credentials and verify your identity from a registered device each time you sign in.​
Follow these steps to set up multi-factor authentication on any third‑party authenticator app you prefer.​
Please note that generating backup passcodes is important. Store your passcodes in a safe place so you can always access your account, even if you cannot access your authenticator app.​
Best regards,
The Tesla team”​
 
#2
I had the same thoughts as you after receiving it today. But Tesla Owners Club UK seems to endorse it.
 

Attachments

  • 5B2AA59D-428E-4514-8325-B7D529260484.png
    5B2AA59D-428E-4514-8325-B7D529260484.png
    501 KB · Views: 136
#5
Yachtsman said:
I’ve just received an email with the following content. It looks like it’s written on a plain piece of paper ie not heading etc.
It looks very suspicious to me so I’m ignoring it & wondered whether anyone else had received anything similar.
I’ve copied the whole content.

We recommend always using a secondary form of verification for signing in to your Tesla Account.​
If you haven't already, add a layer of security with multi-factor authentication. Once set up, you'll be required to enter your Tesla Account credentials and verify your identity from a registered device each time you sign in.​
Follow these steps to set up multi-factor authentication on any third‑party authenticator app you prefer.​
Please note that generating backup passcodes is important. Store your passcodes in a safe place so you can always access your account, even if you cannot access your authenticator app.​
Best regards,
The Tesla team”​
Click to expand...
If you go to the profile settings of your Tesla account, there is an option to set up up Multi-Factor authentication. Whilst the email you received looks genuine, I would recommend making any changes from within your account rather than clicking on links in emails.
 
#6
Looks legit to me although why they can't use the inbox on the app is beyond me

If you do add 2FA/MFA then make sure you keep the backup codes etc safe. You wouldn't be the first person to change phone, wipe the old and realise you've lost your ability to generate a 2FA code when you next come to need one
 
  • Like
Reactions: NoGasNoBrakes
#8
It seems to have gone to everyone, whether you already have 2FA set up or not. Maybe there's a reason why Tesla are pushing out this message.

While I appreciate receiving email about setting security options can be a concern, there really aren't the kind of signs we are taught to look for in phishing emails at my employer.

1. Perfectly acceptable grammar and spelling
2. It's not excessively creating urgency, i.e. do this now or you will lose money type stuff.
3. It's not demanding you click on links as the only option, and the links there are to tesla.com and not something else
4. It's come to the email registered with Tesla and not others

Our security team send us email to try and catch us out nearly weekly, and we have to report it or get some eLearning forced on us, this would not meet the bar of concern.

Also, if you don't have 2FA set up previously then you need to have a word with yourself. Your Tesla password is the top of the stack in terms of the access it provides, people with it see where your car is on a map then come and drive it away, MFA is the only control that trumps the password, even Pin2Drive is avoidable with the Tesla account.
 
  • Like
Reactions: NoGasNoBrakes and pow216
#16
scrapps said:
How does this work if you share an account/cars with your spouse?
Click to expand...
Not generally an issue. If you use the same account logged onto more than one device, you only need access to the 2FA codes when you first login. It’s rare for tesla to subsequently log you out, I think it’s happened to me maybe once a year, but if you were logged out and only the other person had the ability to get the latest codes, you’d not be able to log back in until they gave you them. I think you can setup more than 1 source of codes so even this might have a workaround.

If you have individual accounts and the car is available in both, you both need to put 2FA on you account and have your own codes.

If you use stuff like teslafi or teslamate, once the api tokens (these are generated when you log in) have been issued they last indefinitely unless you change your password. It’s one of the concerns about security as if anybody gets hold of the tokens they can pretty much do anything you can do via the app so what’s 2FA really protecting you against? But that’s a whole different debate and not a reason to not use 2FA.
 
  • Informative
Reactions: scrapps
#19
scrapps said:
How does this work if you share an account/cars with your spouse?
Click to expand...
If you are both using the same account, have both devices ready when setting up two factor authentication and you'll be able to configure it on both devices at the same time.

Alternatively, you can each have your own account and add the other person as a driver. Then each account has its own two factor authentication setup.
 
  • Like
Reactions: scrapps
You must log in or register to reply here.

Similar threads

3
How to contact Tesla if 2-factor authentication device or app is lost?
Replies
5
Views
3K
Model 3
AZAV8R
AZAV8R
A
Autopilot Processor Secondary (APS) has not received one or more messages from the Autopilot Processor Primary (APP)
Replies
7
Views
839
Technical
alilakrakbi
A
bmah
Marin Clean Energy Solar Storage Credit
Replies
16
Views
695
Tesla Energy
bmah
bmah
S
Model 3 lease return
Replies
19
Views
2K
The UK and Ireland
Js1977
Js1977
E
My experience taking Tesla to court about FSD
Replies
697
Views
43K
The UK and Ireland
Durzel
Durzel
Top
Back
Blog
New
Forum list
Marketplace
Menu