Constant need to "verify" devices

[sengsational]

If you *do* want your device to be remembered, make sure you:
- use the same Windows account each time you restart the computers
- use the same browser each time you access the problematic websites
- have your browser settings enabled to allow all cookies
- don't use "incognito" or "in private" browser windows
- don't use any settings or 3rd party tools that automatically delete cookies or clear your browser cache when you exit your browser, or after a specific period of time elapses

That's all you can do. And maybe use a single device, as you later said.

Treat it as a challenge from the stoic gods and see how well you can manage the obstacle. Grade yourself on how creatively you respond (maybe use it as a cue to do your stretches that you've been 'forgetting', etc), and grade yourself on how short the period of annoyance lasted.

Fwiw, and even more off topic, technology can address most of those things. Automatic shut offs, leak detection, etc…

To mix in the non-tangent aspect, there are other, easier out-of-band solutions, so yes, technology can solve this too. I worked on a mobile app (SQRL) with a air tight security model that, if adopted, would allow out of band authentication. It's unique in that it doesn't require a third party. Nobody to call if you mess-up, though. So getting sites to implement the protocol is the hard part. Nobody is going to adopt SQRL because of the chicken and the egg problem. It's probably going to be a subscription to a Google solution that the web sites pay for, and we all will need to have the app. There are already authenticator apps, but not sure the web sites in question have a non-annoy way to use those.

 

[Lsbcal]

Extra verification doesn't bother me; I know it's necessary these days.

It does bother me when a web site says "Your device is verified for the next four months" and it isn't even good for one day.

I don't consider this a user flaw. I consider it a design flaw on the part of whoever designed that web site. Now, if I were using some unusual device-browser-firewall combo, then I wouldn't blame the designers if their security protocol wasn't compatible. But I'm using up-to-date vanilla stuff.

I've noticed a few flaky things going on in corporate America. With the pandemic still on and many people changing jobs it appears I have to be more tolerant of some of these things. Delays at the drug store, some items out of stock in markets, huge phone delays at Vanguard and TMobil, weirdness in new feature implementation of software are just a few I have noticed. I hope we get back to more normality in coming months.

 

[harllee]

I don't understand why the 2 part verification is a problem. I like it and have to do it for most of my financial sites every time I log in. It takes less than a minute. I don't understand what the problem is.

 

[MRG]

The issues with device security are many and not easily identified. Many moons ago I was tasked with developing a time out routine for pseudo conversational CICS applications. It was a freaking nightmare to get right and the devices were all known to us. This was way before internet based applications that add a magnitude of difficulty in identifying who they are.

We had many debates at the time and the industry was moving away from device level security and heading to only basing security on user credentials. Well they sure screwed that all up!

Stop whinging this stuff ain't easy.

 

[Amethyst]

Forgetting exercise?

You don't know me very well, do you.

(maybe use it as a cue to do your stretches that you've been 'forgetting', etc), .

 

[folivier]

Here's the problem for me and my DW. Our mountain cabin has internet but we have to drive a couple miles to get a cell signal. So whenever someone needs to send us a code by text message we have to hurry and drive to get the code then hope we can get back before the code expires. Yes, it's a problem here and since we spend at least 1/2 the year up here it's pretty aggravating. And no our fairly new cell phones won't do wifi calling so we rely on MagicJack VOIP.

 

[Amethyst]

Good grief. I don't suppose they can call your phone number, as Vanguard does?

Here's the problem for me and my DW. Our mountain cabin has internet but we have to drive a couple miles to get a cell signal. So whenever someone needs to send us a code by text message we have to hurry and drive to get the code then hope we can get back before the code expires. Yes, it's a problem here and since we spend at least 1/2 the year up here it's pretty aggravating. And no our fairly new cell phones won't do wifi calling so we rely on MagicJack VOIP.

 

[ocean view]

Here's the problem for me and my DW. Our mountain cabin has internet but we have to drive a couple miles to get a cell signal. So whenever someone needs to send us a code by text message we have to hurry and drive to get the code then hope we can get back before the code expires. Yes, it's a problem here and since we spend at least 1/2 the year up here it's pretty aggravating. And no our fairly new cell phones won't do wifi calling so we rely on MagicJack VOIP.

Sorry to go off topic a bit, but have you considered getting a range extender, such as WeBoost?

https://www.weboost.com/boosters/home-office-signal-boosters

RVers use them to boost their cell signal when out in the boondocks. I don’t have personal experience with them, I just know the product exists.

 

[Chuckanut]

Repeated use of 2FA techniques while tiresome at times is far less effort than having to try to undo the effects of a successful theft of your online sign-on information.

Consider it a modest time tax on being successful enough to need extra security.

 

[folivier]

To answer these questions, only a couple sites will call our Magicjack phone to send us a code. Every other site will only text a code.
Unfortunately a cell booster won't work, I tried it but not enough signal in the mountains, too many trees, etc. But it's a small price to pay for having a cabin in paradise! Just glad we have DSL, great fire dept., security patrol, lodge/restaurant, and still as remote as possible.

 

[harllee]

Here's the problem for me and my DW. Our mountain cabin has internet but we have to drive a couple miles to get a cell signal. So whenever someone needs to send us a code by text message we have to hurry and drive to get the code then hope we can get back before the code expires. Yes, it's a problem here and since we spend at least 1/2 the year up here it's pretty aggravating. And no our fairly new cell phones won't do wifi calling so we rely on MagicJack VOIP.

Sometimes we have this problem in our mountain cabin. In that case one of us goes down the mountain to get the text number and calls the other one who is back at the cabin on with the computer on the internet.

 

[HGTVFanatic]

No hotspot, and no indication of router issues.

I'm using Chrome.

There’s no way I would be using Chrome.

https://www.forbes.com/sites/gordon...-exploits-upgrade-chrome-now/?sh=3346a37e61a7

 

[marko]

There’s no way I would be using Chrome.

How can 3.2 BILLION users (almost half the world population) be wrong?

 

[Amethyst]

I figured if I named a browser, somebody would say it was bad.

 

[MRG]

I figured if I named a browser, somebody would say it was bad.

+1
Software has about the same fanatics as religion.

Don't get me started on the best way to clear a register.

 

[Octothorpe]

Just now I got the "verification needed" message stating that I was to enter the security code. My phone never rang. The call was directed to my voicemail because my phone system determined it was a possible spam call!!! When I listened to the message, it said to press 1 to receive the one-time-code! I ended up having to turn off the call filtering on my phone to get the blasted login code.

 

[COcheesehead]

Just now I got the "verification needed" message stating that I was to enter the security code. My phone never rang. The call was directed to my voicemail because my phone system determined it was a possible spam call!!! When I listened to the message, it said to press 1 to receive the one-time-code! I ended up having to turn off the call filtering on my phone to get the blasted login code.

As we age I think it’s important that we keep up with at least a base level of technology. A simple text over a cellular phone would have made this situation an easy one.

 

[DayDreaming]

Here's the problem for me and my DW. Our mountain cabin has internet but we have to drive a couple miles to get a cell signal. So whenever someone needs to send us a code by text message we have to hurry and drive to get the code then hope we can get back before the code expires. Yes, it's a problem here and since we spend at least 1/2 the year up here it's pretty aggravating. And no our fairly new cell phones won't do wifi calling so we rely on MagicJack VOIP.

You can get a Google Voice (GV) number, and associate your cell phone# to the GV number. Configure GV to forward texts and voice transcripts to your email.
Give the GV number to websites that do 2-factor verification. At your cabin, you'll get that verification code in the email that GV sends you.

I have my phone setup this way - I always give out the GV number, nobody knows the actual cell phone#. My cell phone is off more than it's on, so I actually send and receive more texts from my desktop computer than I do with my cell phone. The only thing I found that doesn't work with the GV number is Uber. GV is really VOIP and Uber only works on a 'real' cell phone number, not a VOIP number (at least the last time I used it).

 

[Gumby]

Most of the sites I use can send the verification code by voice, text or email. You just have to set it up your preference in your account.

 

[target2019]

How can 3.2 BILLION users (almost half the world population) be wrong?

Almost 3 billion active Facebook users...
https://www.statista.com/statistics...Facebook,the biggest social network worldwide.

 

[2cheap2eat]

What also annoying is that Company's apps need requiring logging in again with ID & Password, then enabled FaceID (for iPhones). It's clearly optional to forget the user as some apps keep the FaceID setup, some force login again.

It's quite annoying as many Company's push app updates out often (i.e. every couple of weeks). I have an online bank (Live Oak) that falls in this category and I stopped using because it was so annoying. I contacted them to let them know and in my app review.

 

[Still_Waters_43]

Another thing that can cause this issue, with unknown devices, is if you use a utility app to clean up your computer (e.g. I use CCleaner). The default setup of these apps usually cleans (i.e. deletes) cookies. So, if you run it between logins the website will not recognize your device.

 

[mcbraemer]

Repeated use of 2FA techniques while tiresome at times is far less effort than having to try to undo the effects of a successful theft of your online sign-on information.

Consider it a modest time tax on being successful enough to need extra security.

+1
Well said!

 

[athena53]

Is there some sort of creepy Big Brother verification company that aggregates EVERYTHING? In trying to verify my identity with one of the credit bureaus they asked me what month DS was born. His birth records are in another state, he hasn't lived with me for 14 years and we have different last names.

Just last week I was setting up an account to access the results of my bloodwork and among the questions they asked were whether I'd owned a car from a list of models they provided and which organizations I'd belonged to out of a list. Toastmasters was on the list. No idea how the heck that got there except I was once on the bank account as District Treasurer. It also asked for my height as reported on my driver's license but I had to scan my driver's license to check in. I really hate handing over my driver's license to be scanned.

And, a bit closer to the OT- I installed apps for my brokerage accounts only so I could deposit the occasional check. I'm not going to go through 2-factor verification just to check my balance.

 

[NW-Bound]

How can 3.2 BILLION users (almost half the world population) be wrong?

In the past, all the world population thought the earth was flat, so I cannot be sure about the popular vote.

Oh, what are we talking about people being wrong here?

I had to look up the thread, to see we were talking about Chrome.

Well, I use it too, and as I mentioned, it did not work well with Treasury Direct site, while MS IE and now Edge does.