cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
1,469 Views
Message 11 of 18

Re: New login screen bypassing 2FA

Go to solution

Hi @AliG3,

I wanted to give you an update on this. Our new authentication platform is risk based and uses several factors to decide when to make a 2FA prompt. For security reasons we cannot reveal the risk based factors that are used, but please be assured that if the platform detects the required level of risk then a 2FA prompt will be made.

Thank you
DanielS

0 Ratings
Reply
1,391 Views
Message 12 of 18

Re: New login screen bypassing 2FA

Go to solution

Hi Daniel - really sorry I missed this reply. Good news that 2FA hasn't been lost - and the user journey has been made more frictionless.

Cheers for the update.

Allen

1,211 Views
Message 13 of 18

Re: New login screen bypassing 2FA

Go to solution

just as an aside to this - I have 2fa activated but when I go in to try to amend/look at authorised devices under >your details>edit 2 step authentication settings - the option crashes saying..

Sorry, we couldn’t save your changes. Please try again.

Is it broken at the moment?

0 Ratings
Reply
1,203 Views
Message 14 of 18

Re: New login screen bypassing 2FA

Go to solution

@Kielty23 

See this thread and in particular message 3 about problems with 2FA

Two-Factor Authentication Settings keep disappeari... - BT Community

0 Ratings
Reply
1,200 Views
Message 15 of 18

Re: New login screen bypassing 2FA

Go to solution

brilliant👍 thank you..

0 Ratings
Reply
697 Views
Message 16 of 18

Re: New login screen bypassing 2FA

Go to solution

I'm fascinated to understand what "risk based" is. 

I've tried everything to get 2FA working on MY BT. 

Different search engines, different devices (Inc my daughters laptop which I've never used to sign onto MY BT. So I assumed maybe it's done on GEO Location. I asked a friend of mine who lives in the west country (I live in the South East of UK) to sign onto my MY BT.  He lives 100 miles away from me.

He was able to sign on to my MY BT Account without being challenged by 2FA.

Please explain that? Had he been a scammer/hacker tried he/she would not be challenged.

What risk based system allows this to happen?

0 Ratings
Reply
686 Views
Message 17 of 18

Re: New login screen bypassing 2FA

Go to solution

Also - why does 2FA not apply when changing passwords?

0 Ratings
Reply
580 Views
Message 18 of 18

Re: New login screen bypassing 2FA

Go to solution

@DanielS I'm keen for your view on my experiment to find a way for BT's 2FA to actually prompt when logging on or even when changing the account password (MY BT).

It's been puzzling me as to what are in the BT Risk Based Factors which stop a prompt from the new 2FA system.

I've tried different browsers, different computers at my home address. Thinking it must pick up GEO location or IP address of the BT router I got a friend to try, he lives 100 miles away. All experiments worked without being prompted for 2FA. So I got another friend to sign onto our MY BT account via his mobile, using 5G and with Wifi disconnected. He too was successful without being prompted for 2FA verification. 

Is BT's new 2FA system so special it forgets to actually prompt your customers?

I'd love to hear from any of the 25 million BT consumer customers who have found a way round BT's new risk based 2FA and got it to work.

Feeling quite vulnerable given the security questions used by BT are consider weak and unsophisticated. 

0 Ratings
Reply