SageBrush
REJECT Fascism
I don't understand 2FA that way. I think of it as two independent access methods, where each method has to be satisfied. The method can be anything.
-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Locked out of my Tesla account - Multi Factor Authorisation.
- Thread starter Mickeyflea
- Start date
I don't understand 2FA that way. I think of it as two independent access methods, where each method has to be satisfied. The method can be anything.
That’s one option. It’s more broadly two forms of ID. With Apple for example it can be your Apple ID password and a trusted device OR any (registered) phone number (not necessarily trusted) that can receive SMS.
Lots of people only have one device and can lose it or break it. Like a phone. Get a new phone, activate it, sign in and the code should pop up on the untrusted device.
Hi there
Yes I did. The biggest problem was getting Tesla service staff to understand what the problem was. They kept thinking that it was a problem with the app.
Once they understood that I just needed the MFA on my account temporarily disabled it was sorted quickly.
I obviously had to provide/answer some security questions to confirm my identity but then it was really simple.
Good luck
This definitely,
other case, using password managers like 1Password, you can store a TAN code, so it is there forever and wherever you logged in (also with many mobile phones).
I managed it over the phone. Get through to the Accounts Dept. They are the ones who can disable the MFA.
This is alway one of the weak points for MFA.
How hard do you think it would be to find the answers to the various questions they asked by searching public records and social media?
That's actually not a problem with MFA so much as a 1) we're all human and 2) we don't have a universally accepted yet non-repudiable way of proving we are who we say we are... So backup mechanisms must be in place.
It kind of depends on what ones social media presence is online, but I understand what you are saying and agree 10000% percent. There should be NO disabling of multifactor authentication, ever, not in person. Someone was trying to be "helpful" and its likely they should not have disabled MFA for this person, and told them they needed to go to a service center in person with proof of Identity and vehicle registration or something.
For every "oh I am glad they hooked me up and took care of this over the phone" there is a possible scammer / thief who manages to talk someone into resetting this information remotely... then takes control of whatever they were not supposed to have access to.
With password breaches being what they are, being able to call and have someone reset a MFA over the phone without some sort of in verifiable proof is not much different than someone getting a random authentication code on their cellphone, that they didnt request, then someone from "company X" calling them and saying "oh we need you to provide the code we just sent you to fix a problem with your account".
Technically, if you lose your MFA token (device, whatever) you do want them to be able to disable acceptance of that token, even if they can add a new replacement token that you have control over. In other words, you DO NOT want someone else to be able to gain access to your {car/bank account/whatever} just by finding / reviving a token you lost.
I agree, this is all a balance of practicality vs security. However, "go somewhere in person and use documents" is actually a lot more headache for the real person, and actually less headache for a fraudster. The customer satisfaction hit and process frustration/cost isn't necessarily worth the added security for them either:
- Front-line employees are not usually trained in document verification and document security measures in the state they live in, never mind every other state. There are over 14,000 (estimated) different birth certificates in circulation in the US alone. The cost of training front-line staff nationwide (and their turnover replacements) on these and all the other documents people might try to use would be VERY costly, and
- If I'm that interested in stealing your {car/bank account/whatever} I can certainly create documents + a good enough story to pass a front-line employee, and I *am* willing to show up in person.
calidreamz808
Member
After updating to the new iphone, I locked myself out of 2 factor since my authenticator app screwed up.. Anyhow, it took me a good two weeks to get back to normal. I had to call customer service and they escalated to a supervisor which had the "powers" to send the 2 factor link to disengage. At first the sup had issues getting the email to come out to me due to their internal email security blocking their email to me.. long story short I finally got in. I used CS though. Good luck!
SageBrush
REJECT Fascism
Yes. When I go the the safe deposit box, they use their key on my box then ask me for my key. You need both keys for them to take out your box.
Also safe deposit boxes are supposed to be in a bank vault. Obviously someone can pick those locks but only a bank employee would be able to have access in to the vault when the bank is open. Unless there's a bank robbery.
SageBrush
REJECT Fascism
Lost my phone and didn’t realize about saving backup codes and QR code. Feeling completely helpless because the support page keeps looping me back to logging in and needing the passcode.
what number do you call for Tesla Service? Thanks!
Similar threads
- Question
- Question
