Dear Lifehacker, I am quite security-conscious when it comes to online accounts and use strong passwords via LastPass and two-factor authentication wherever possible via SMS. However, I will be travelling overseas soon, and getting a new SIM card and number. How can I keep my accounts secure while travelling and not need to receive text messages?
What if my phone is lost or stolen? How will I be able to access my accounts? Am I better to turn off two-factor while travelling?
Thanks
Timid Traveller
Phone picture from Shutterstock
Dear TT,
Your best bet would be to check with your banking provider regarding their rules and regulations around two factor authentication. It may be that (pending providing your credentials) they’ll make a switch to an overseas number to enable two-factor authentication while travelling. You never know until you ask, but the rules for each financial provider do vary. Bear in mind that in many overseas countries there’s an associated cost with receiving SMS messages to factor in there as well if you do a lot of remote banking.
Equally, they may allow you to temporarily suspend two-factor authentication while you’re travelling, although obviously this is a less than optimal approach. It may also — as we’ve noted previously — be possible to switch to another form of verification such as a code generation device if your bank provides them. That has the added benefit that if you’re unable to roam or receive messages you should still be able to generate the necessary codes to enable bank access, although like the mobile, if it’s lost or stolen you may be unable to access your accounts until you return to Australian soil.
Cheers
Lifehacker
Got your own question you want to put to Lifehacker? Send it using our [contact text=”contact form”].
Comments
5 responses to “Ask LH: How Can I Use Two-Factor Authentication Overseas?”
Easiest way – get roaming.
As well, if you set up for international roaming, make sure that your bank or other provider has you mobile (cell) number in a canonical (international) form with the country code and omitting the first “0”.
Similarly, you may use an app-based token on your phone like Authy as part of your multifactor authentication. This is best done on another smartphone like your older smartphone that you spurned due to upgrading to a newer model.
If you are roaming, calla and texts will reach you regardless of what “number” format they are sent to. It makes no difference.
Be careful if you have 2FA on computer accounts and you lose or reformat a device (eg an iOS update) overseas as you may have a lot of trouble reestablishing access.
The solution is very simple really:
Switch to the Citibank Plus transaction account for all your day-to-day banking needs.
Not only you will not pay anything for making purchases and withdrawing cash while overseas, their banking app has a built-in functionality to generate a security code for 2FA instead of having it sent by SMS. The app can generate the code even without an internet connection so you can use it in an internet cafe to generate a code while using their computer to log into your online banking.
I travel overseas often and extensively and this relatively new functionality has saved my bacon many many times.
IMHO, ANY Australian who ever plans to travel overseas or needs to send and receive money from overseas needs to have this account which is completely free to get and to hold and the only transaction account that has no fees on ANYTHING.