T-Mobile ID: How to get 2 Step Verification code via email
I just set up my T-Mobile ID for my T-Mobile account, via computer, as T-Mobile required me to do. The account covers two phones. I gave my email address, and signed up one phone as the primary account, that I now use to sign in to T-Mobile. When I sign in, Two step verification sends a 6 digit ID number to the primary phone. That is the only place it offers to send it. I tried to sign in from the other phone, and from the computer. In all cases, it sends the verification code to the primary phone. There is no option listed to send it to the other phone, or to the email account registered under my T-Mobile ID. I have already lost one phone, a different phone (or it was stolen). If I lose this primary phone, I won't be able to log in to my T-Mobile account, because I won't be able to get the 6 digit 2 step verification code. In other words, if I lose my phone, it appears I will never be able to log in to my T-Mobile account again. (That has always made me afraid to use them when offered). I have searched the T-Mobile website, and can't find any place to choose a different two step verification alternative, such as sending the code to my email account. My bank gives me all kinds of choices for two step verification: several phones I have registered, as well as email, any one of which I can choose from when attempting to login. Surely the engineering geniuses at T-Mobile can do the same? And put it in a place where I can find it? Does anybody know how to do this with T-Mobile ID?
Use of Google Authenticator for 2 factor authentication
Can anyone help me understand why the T-mobile website won't take my authentication codes when using Google Authenticator? I have initially set up 2-Factor authentication and chosen to use Google Authenticator as the means but every time I have set this up and tried to log into my account with it, the site will not take any of the codes I type for it. I end up having to switch back to SMS Text for authentication. Can anyone help me understand and fix the Google Authenticator to use it for 2-factor? Best!
Security issue: t-mobile will not stop trusting browser!
t-mobile is always trusting my browser and device and it is never asking me for two factor. I tried clearing all cookies but t-mobile just lets me sail on in with only a user name and password. Steps I took… Log in first time. t-mobile asks for dual factor which is good and expected. I accidentally clicked that I did not want t-mobile to ask me again on this device/browser. I could not find any way to "untrust" the browser/device. I could not find any help on this. I logged out and logged back in…t-mobile lets me in without dual factor... I tried clearing all cookies. I log in again, and t-mobile simply accepts my user name and password without any second factor. Most all websites I know allow a user to "untrust" a device, or at least clearing cookies will resume asking for dual factor's second factor. This seems very insecure. Anyone (or any malware) commandeering thebrowser can log in without dual factor and I cannot see any way to stop that…it's like t-mobile is remembering the device/browser some other way…but if that's the case, the online login should have an option to "untrust" the device/browser (or cookies should do the same). Forgive if I'm missing something but I have never seen this kind of behavior before except for cases where dual factor is broken.