SMS 2FA
I understand this wouldn't be the choice for the most privacy-seeking users, but when one doesn't own a smartphone, the good old code sent through SMS for 2FA would be a great feature!
Best regards,
-
kevin commented
There is an issue with using Authenticator. If your phone is stolen, a thief can see your protonmail account address, which is a first step to potential attack. SMS would not have this problem
-
David Garcia commented
It would be better not to use SMS' at all due to all the plain text security issues. Otherwise, there's no need to keep using Proton because anyone sniffing the network could get plain text codes to break into the accounts.
-
Matthew commented
Hello,
To have a better chance of accessing the account in case of problems, I think adding two-factor verification via SMS is very useful. If you unfortunately break or lose your phone, you no longer have access to your chosen authentication app. But if you also lose your SIM card, you can ask your phone operator to get it back with the same SIM card number.
I think that as an additional 2FA to the authentication app, this could be a great thing.
This would allow you not to be locked out of your account, if you also lose your recovery codes.I hope this security feature can be implemented,
thank you for your future reply.
Regards -
Another user commented
This is an absolute horrible idea when it comes to both privacy and security.
First, there are TOTP applications for pc (Windows, Mac, and Linux), so you don't need a smartphone. I can recommend both BitWarden and KeePass (both are open source)
Second, Sim jacking is a very serious and widespread issue.
https://news.trendmicro.com/2022/02/23/what-is-a-sim-swap-scam-how-to-stay-protected/Third, sms is unencrypted communication so anyone who wants can "listen" in: https://www.howtogeek.com/709373/why-sms-text-messages-arent-private-or-secure/
-
Anonymous commented
Get an authenticator app, SMS is less secure.
-
Someone1611 commented
Yes, I agree with you and I know that ProtonMail staff also want to put it on ProtonMail, but they will need sms server to quickly send the code to users and the server cost is very expensive. So they still can't add it to ProtonMail
-
Niels Zeelenberg commented
Pleass introduce 2fa with sms. It makes you so much less vulnerable for loss of device. Replacement of phonenr. on new sim is very easy. Losing the device with auth. app is much more problematic: you lose access to mail
-
Anonymous commented
Give me A Verification code via IPhone Text Message before I blast you all over the internet and single handedly ruin your reputation!!
-
Anonymous commented
I can’t always provide a alternative email so why can’t you be like any other app and just send me a verification code via IPhone text message?
-
Anonymous commented
I am unclear why we must use an app for 2 step Authentication and do not have the option to use our phone number.
-
Anonymous commented
Why can't 2 step authentication be done by text message?
-
Anonymous commented
Hello:
Yes, please! Please offer two-step authentication via text message to a cell phone. I am trying very hard to get rid of spying Google and Android, will accept no more apps, and am about to get rid of my smartphone entirely, in favor of a simple flip-phone.
Please develop a system for two-factor codes to be sent to a cell phone!
Thanks, Peter Scott Cameron -
Daniel commented
totally agree with option to have 2FA via SMS, if not for all due costs, at least for paid plans
-
Ethan Powell commented
Hello,
So far I love Proton Mail. I originally added 2FA, I had to disable it as I tend to wipe my phone or something of the sort and have a hard time re-accessing my account(s). One thing I really like about other services is using SMS as a 2FA method, that way you can always have access to it and not worry about losing access to 2FA and thus your ProtonMail account. Another method I have seen, such as with Google + Android devices; when logging in, if you have your account logged in on a mobile device, instead of using a password, it will allow you to verify your login via your device which makes logging in a lot quicker. Either would be nice, personally, I prefer SMS verification as it is a lot simpler to do.Regards,
Ethan. -
David commented
SMS Verification - In addition to using authenticators such as Google Authenticator or Authy, it would also be a great idea to support SMS authentication. This would be useful because in the case that a mobile device breaks for one reason or another and you can not use the authenticator that is on it, your SIM card can still be used to access SMS verification (given you have chosen to use it).
-
Gabrielle commented
Would like to get a text message every time when I log in to enter a verification code. Helps with using protonmail in public networks.
-
JD commented
Sounds good but SMS are NOT save 1. Can be captured in the air at WIFI or 2. Recorded via Service Provider. BUT if use whats to take the gamble, by all means give the choice.
OR just use an easy Slider or Easy Puzzle Captcha, CHOICE!
-
Imsand commented
Für alle, die kein Smartphone besitzen
-
Anonymous commented
set up 2 step verification for jitter bug or phone like it. we don't use smart phones
-
B. commented
SMS was recently shown to be intercepted with ease. Spoofing a phone # and receiving all standard content pushed to it can be done by a child. If you have a service that lets you change your password with a verification code alone, disable that feature.
We should have to use an app for all 2FA, or especially 1FA.