How can I keep using Gmail, PayPal and Bank of America 2-step verification after moving from the US to Bulgaria?
August 9, 2012 8:08 AM Subscribe
How can I keep using Gmail, PayPal and Bank of America 2-step verification after moving from the US to Bulgaria?
I'm moving from the US to Bulgaria at the end of August and I'd like to keep using the 2-step verification process offered by Gmail, PayPal's mobile Security Key and Bank of America's Safe Pass service while I'm there. To that end, I am trying to figure a few things out:
1. Gmail supposedly offers its 2-step verification service with local carriers. To those of you who have used the service in Bulgaria, how reliable is it? Does it actually work?
2. From what I've gathered so far, neither PayPal's Security Key nor Bank of America's Safe Pass are supported within Bulgaria. What options can you recommend in order to get them to work? Using a US phone with a US phone number and paying for roaming charges to cover the received text messages (probably about 2 a day)? Maybe some sort of a text-only service that will let me receive only text messages at a more affordable rate?
3. I'm hoping to be able to receive the codes on a regular dumbphone - I don't have a smartphone and I feel that using Skype or any other computer-based service defeats the purpose of the verification process.
I'm moving from the US to Bulgaria at the end of August and I'd like to keep using the 2-step verification process offered by Gmail, PayPal's mobile Security Key and Bank of America's Safe Pass service while I'm there. To that end, I am trying to figure a few things out:
1. Gmail supposedly offers its 2-step verification service with local carriers. To those of you who have used the service in Bulgaria, how reliable is it? Does it actually work?
2. From what I've gathered so far, neither PayPal's Security Key nor Bank of America's Safe Pass are supported within Bulgaria. What options can you recommend in order to get them to work? Using a US phone with a US phone number and paying for roaming charges to cover the received text messages (probably about 2 a day)? Maybe some sort of a text-only service that will let me receive only text messages at a more affordable rate?
3. I'm hoping to be able to receive the codes on a regular dumbphone - I don't have a smartphone and I feel that using Skype or any other computer-based service defeats the purpose of the verification process.
Google's two-step verification also supplies you with a batch of login confirmation codes that you can use if you don't have access to your phone. I don't know for sure, but I suspect you could just use those exclusively while abroad; you'd just have to request a new batch regularly.
posted by Levi Stahl at 8:28 AM on August 9, 2012
posted by Levi Stahl at 8:28 AM on August 9, 2012
Gmail supposedly offers its 2-step verification service with local carriers.
My understanding is that there are two ways to do this with your phone, one that requires connectivity and one that does not. I use the one that does not because i have intermittent connectivity and I can confirm that it worked when I was in a foreign country [Canada] where my phone was not online in any way. This will probably work for you as well. This help page has more information about this.
posted by jessamyn at 9:11 AM on August 9, 2012
My understanding is that there are two ways to do this with your phone, one that requires connectivity and one that does not. I use the one that does not because i have intermittent connectivity and I can confirm that it worked when I was in a foreign country [Canada] where my phone was not online in any way. This will probably work for you as well. This help page has more information about this.
posted by jessamyn at 9:11 AM on August 9, 2012
Google lets you generate 10 new verification codes at a time and print them out to carry around. If they get stolen, you can invalidate them all by creating a new set. Also, of course, that piece of paper doesn't have your password, so it is kinda useless. Hence, two factor.
posted by rockindata at 10:04 AM on August 9, 2012
posted by rockindata at 10:04 AM on August 9, 2012
Kinda useless to anyone that doesn't have the password, that is.
posted by rockindata at 10:04 AM on August 9, 2012
posted by rockindata at 10:04 AM on August 9, 2012
If you buy the credit-card-format keys from Paypal and the bank, you can use those without any form of phone connection; they work by encrypting the current time using a hidden key assigned to the card.
And since Gmail allows the use of 20-character passwords, I'm unconvinced that simply using a decent password is significantly less secure in practice than 2-factor auth.
posted by flabdablet at 10:08 AM on August 9, 2012
And since Gmail allows the use of 20-character passwords, I'm unconvinced that simply using a decent password is significantly less secure in practice than 2-factor auth.
posted by flabdablet at 10:08 AM on August 9, 2012
Yes, download the Google Authenticator app, it's a token generator that doesn't require connectivity. If you're really adamant about not getting a smart phone I think you could use it on a iPod touch.
As flabdablet mentions, Bank of America has a $20 card that will do token generation for you without an internet connection, PayPal apparently has the same thing.
posted by phoenixy at 12:50 PM on August 9, 2012
As flabdablet mentions, Bank of America has a $20 card that will do token generation for you without an internet connection, PayPal apparently has the same thing.
posted by phoenixy at 12:50 PM on August 9, 2012
(But it would have to be one of the iPod touches that has a camera, since that's how you link it to your account. Older generation ones without a camera wouldn't work.)
posted by phoenixy at 12:51 PM on August 9, 2012
posted by phoenixy at 12:51 PM on August 9, 2012
This thread is closed to new comments.
posted by k8t at 8:14 AM on August 9, 2012