What Should You Do about an Authentication Code You DIDN’T Request?

ByEmily Dolloff

We strongly encourage using two-factor authentication (2FA) or two-step verification (2SV) with online accounts whenever possible. The details vary slightly, but with either one, after you enter your password, you must enter an authentication code to complete the login. Although it’s always best to get such codes from an authentication app like 1Password (which enters codes for you), Authy, or Google Authenticator, many websites still send codes by the less secure SMS text message or email. They’re better than nothing.

But what if you receive a 2FA code that you didn’t request?

  1. Don’t panic. Although receiving the code means that someone is trying to log in to your account and has your password, the extra authentication step has done its job and protected your account from being compromised.
  2. Never share an authentication code with anyone! A hacker could attempt to break into your account, be foiled by two-factor authentication, and then email or text you with a trumped-up story about why you should send them the code. Authentication codes are short-lived, so if this is going to happen, it will happen right away.
  3. Independently from the message with the code, go to the account website, log in, and change the password. As always, make sure the password is strong, unique, and stored in your password manager. If the account used an old password that was shared with other accounts, change passwords on those accounts as well.

There are a handful of scenarios that could generate such an authentication code:

  • Stolen credentials: The most likely scenario, which the advice above addresses, is when your email address and password have been stolen, probably in a significant site breach. You can check the Have I Been Pwned site to see if your account is floating around on the “dark Web.” Password managers often perform similar checks. Changing the password on any breached sites is essential.
  • Identity theft: You started receiving authentication codes from TikTok, but you don’t remember creating a TikTok account. Someone might be trying to create an account to impersonate you but cannot complete the account creation without the authentication code. There isn’t much you can do to stop such attempts, although if an account has been created, you should be able to change the password (since it’s using your email address or phone number), log in, and either just let the account sit in your password manager or try to delete it.
  • Accidental or random triggering: If you have a common email address or phone number, someone could have accidentally entered your address or number instead of theirs while trying to create an account. It’s easy to type marsha32@example.com instead of marsha23@example.com or mistake the Boston 617 area code for the upstate New York 607 area code. If you’re sure you don’t have an account at the site in question and you only get one authentication code, you can probably ignore it.

Regardless of the cause, don’t ignore 2FA codes you didn’t request for sites where you have an account. It’s not hard to change a password, particularly if you use a password manager, and the extra piece of mind is worth the few minutes of work.

(Featured image based on an original by iStock.com/Kateryna Onyshchuk)

Social Media: Receiving a two-factor authentication code you didn’t request shows that your security is working, but it’s also an indication that someone may have your password and be trying to break into your account.

Similar Posts

  • _Dear Friends,_

    I tuned into the Apple special “Let Us Loop You In” event on my Apple TV. We will talk about the new hardware and software but there were a few things that caught my attention that really help to define Apple as a truly different company.

    The first was Apple’s environmental commitment. They now boast that 90% of their operations, worldwide, are powered by renewable energy and 100% in the USA. This is a unique accomplishment that is made even more remarkable by Apple’s size. While Small Dog Electronics is proud to power our Waitsfield headquarters and S. Burlington store by solar energy, we have not yet reached the point of powering all our operations which is something Apple has done both by purchasing renewable energy and installing large scale solar arrays at their locations both in the USA and China.

    Their environmental commitment goes further with an awareness of the impact their products have on the waste stream. They made a point to describe the materials used which have lower impact and talked about their recycling program, too. The robot, Liam, that disassembles iPhones into its component parts was very cool and is a further demonstration of Apple’s leadership in environmental stewardship.

    The other part of the announcement that caught my eye was the extension of Apple’s altruistic Research Kit tool that has helped researchers gather data on several chronic diseases. CareKit takes that a step further, offering tools that help patients and their medical providers manage those chronic diseases. They already have several new apps in development, including one that provides post-surgical care monitoring and another for diabetes monitoring. Research Kit and CareKit are both open-source software that do not necessarily provide any revenue stream for Apple but provides the tools to improve health. I am very proud of Apple for its initiatives in these areas.

    This week’s Kibbles & Bytes exclusive is a “**home and away USB charger bundle.**”:http://www.smalldog.com/wag900002185/home-and-away-usb-charger-bundle-one-for-the-car-one-for-home This features the Hammerhead 2-port USB Automotive charger and the Hammerhead 2-port wall charger. Both have sufficient power to charge both an iPhone and iPad. If you are like me, you can never have too many chargers and this bundle is a great way to get a spare for you home and car! Normally, this bundle is $34.98 but exclusively for Kibbles & Bytes readers this week, it is $10 off at “**$24.98!**”:http://www.smalldog.com/wag900002185/home-and-away-usb-charger-bundle-one-for-the-car-one-for-home

  • _Dear Friends,_

    New data from Piper Jaffray’s teen survey show that Apple is dominating that market at least as far as mobile devices are concerned. They have 71% of the teen market for smart watches and almost 70% for iPhones and 64% for iPad. Another survey has Apple Mac sales showing positive growth while literally the entire PC market is in decline.

    I have been playing around with Amazon’s Echo and I have to say that I like it a lot. I wake up each morning and say “Alexa, what’s new?” and I get the news reports from NPR, CNN, Huffington Post and BBC as well as ESPN Sports and the local weather report. During the day, I ask Alexa to “play the blues” or “play some classical music” and while the speaker is not as good as my Sonos system it does fill the room. I can be around the corner or across the room and the Echo can hear me. Apple needs to step it up a bit and get Siri on the Mac or even better yet, integrated into their networking gear. I would love to be able to tell my Sonos app to play my music from my iTunes library!

    Speaking of networking here’s a Kibbles & Bytes exclusive! This isn’t for everyone but if you have a big house and your Wi-Fi signal isn’t reaching that far corner of the house this could solve three problems for you! I am bundling the Apple Factory Refurbished 3TB Time Capsule with an Apple Factory Refurbished Airport Express. Both have the same 1-year Apple warranty as new but you can save some bucks. The 3TB Time Capsule gives you the Airport Extreme wireless access point and automatic wireless back-ups to the integrated 3 terabyte drive. The Airport Express allows you to extend that wireless network. Normally “**this bundle**”:http://www.smalldog.com/wag900002195/extend-your-network-and-back-up-your-data-for-only-325-99? is around $500 new, but this week for Kibbles & Bytes readers, while supplies last you can buy this refurbished bundle for only “**$325.99!**”:http://www.smalldog.com/wag900002195/extend-your-network-and-back-up-your-data-for-only-325-99?