SMS verification for find my mobile. Worst system in the history of technology?

soundbeans · ‎22-07-2020

I couldn't find my phone this morning and logged onto Find My Mobile so I could locate it.

2 factor autorization was enabled... so it sent a verification SMS to my mobile... WHICH I DIDN'T HAVE BECAUSE IT WAS LOST.

It was such an annoying situtatiuion. I nearly threw my laptop out the window.

Which developer thought this was a good idea? Please fire him and ban him from working in IT for life.

I couldn't believe what I was seeing. I almost fainted. "We are sending a verification SMS to your lost phone now. Please read it." .... WHAT???!!

Yes I know I can download a list of backup codes. But I only discovered this after I lost my phone.

So can you guys do something about this? Luckily I found my phone in the car. What if it was actually lost? Literally the most stupid system I've ever seen.

Somebody in Samsung needs to come up with a good solution to this quick. It's a disaster waiting to happen.

Je655 · ‎22-07-2020

When your logging into a device it asks if you would like to skip 2FA next time. This adds the device to your trusted devices. You should always login to your computer or a family member device and apply this so if you do lose your phone you can use the trused device to access its location. Once you login and approve the skip 2FA option you can log out again and the password will still be protecting your account, just not the full 2FA.

And you should always store your back up codes for these situations.

Hope this helps explain 2FA security better.

soundbeans · ‎22-07-2020

Ok. I will just build a time machine, go back in time and tell myself to do this.

It is still the worst system ever. Samsung needs to come up with a better solution. Log in to a family member device? They are using Samsung too. So they are logged in to THEIR samsung account.

You should be allowed to skip 2FA forever on your own laptop.

For example make it a trusted device forever.

Je655 · ‎22-07-2020

When you set up 2FA is when you should have logged into there device or shortly after.

On your family member device just log in through a web browser (Samsung internet) and approve the device there. Don't add your device as the main account.

And its does skip it from then on. So your laptop should not need 2FA again after you mark it as skip 2FA and will now be a trusted device from now on (or till you remove it)

soundbeans · ‎22-07-2020

"mark it as skip 2FA and will now be a trusted device from now on"

This is not true. If I check the calls / messages, it asks for the 2FA password again. Even though my laptop is already "trusted".

Je655 · ‎22-07-2020

I dont know what os or browser your using on your laptop and calls and messages? I tested this for find my mobile

But i do know when i login to (https://findmymobile.samsung.com)

And mark my device as trusted or skip 2FA that i can sign in and out multiple times without needing my 2FA code

Tested and working on chrome browser and Samsung internet on my Samsung device

soundbeans · ‎22-07-2020

Ok, but try and check the calls / message log of your "lost" phone. Does it activate 2FA again? It does for me.

Je655 · ‎22-07-2020

Yes it does look like there is added security to accessing your messages and calls for me also. There are a few things that will still require your 2FA. This is to protect you incase you forgot to log out or the data is considered sensitive.

But find my phone does work with no issues.

And when you lock your phone (on findmyphone) it also prevents the phone from being power off or the settings to be changed till you enter that password.

If your main concern is getting your calls and messages on your computer there should be options available, just not through Samsungs site without 2FA.