Edgar Cervantes / Android Authority
TL;DR
- Users are reporting that T-Mobile has removed 2FA support for Google Authenticator.
- There is no official statement from T-Mobile yet.
With hackers and scammers becoming much more sophisticated, our only option is to increase our security measures. This is why it’s odd to see T-Mobile removing support for an important security measure. Especially considering that all other companies are adding security features, not removing them.
Phone Arena has discovered a couple of Reddit threads that have surfaced (this one and this one), teeming with upset T-Mobile subscribers worried about their account security. It seems T-Mobile has removed support for Google Authenticator, leaving customers with SMS messages as their only option for 2FA.
Two-factor authentication is a security measure that allows you to verify your identity by receiving and entering a code every time you log in or want to make any account changes. Like other TOTP (Time-based One-time Password) apps, Google Authenticator creates these codes locally, and the code changes every 30 seconds by default. This has proven to be among the safest and most reliable 2FA methods for consumers so far.
Edgar Cervantes / Android Authority
Furthermore, Google Authenticator can even generate these codes while offline, so you could put your phone in Airplane Mode and pull a code if you’re worried about hackers getting access to this information. Not to mention, SMS needs a cellular connection, and T-Mobile services can go down from time to time.
While T-Mobile still offers 2FA over SMS, users are worried about this method. SIM swaps have become a significant problem in the last several years. During a SIM swap attack, a hacker would get control over your phone line, transferring it to another SIM card. In such a case, the bad actor can get a hold of these SMS codes and possibly gain control of your accounts.
As of this writing, T-Mobile has not addressed the topic. We also don’t know if or when Google Authenticator support will return.
Got a tip? Talk to us! Email our staff at [email protected]. You can stay anonymous or get credit for the info, it's your choice.