How Do I Manage Multi-Factor Authentication When Abroad?
November 1, 2021 8:27 AM   Subscribe

I am in the US and am moving abroad for a year, where I will get a new phone. Many of the online services I currently use in the US text me a code to confirm my identity, and my bank uses my current phone number as authentication when I call. When I move abroad, I won't have a new number until I get a new phone, I'm not sure if international text messages are reliable, and I usually use Skype for international calls. How should I handle MFA abroad/ avoid getting locked out of accounts?
posted by my log does not judge to Technology (16 answers total) 10 users marked this as a favorite
You should switch as many accounts as possible to using an authenticator app like Google Authenticator or Authy, or switch to using a Yubikey-like device to store your authentication information.

In the meantime, you should print out all of the backup codes you can find for every service, usually under Account/Security.
posted by bowbeacon at 8:43 AM on November 1, 2021 [6 favorites]

First of all, figure out how many of your accounts *need* to use a text for 2FA - if you can switch to an authenticator app/trusted device kind of scheme, do that. Like, for most use cases I'm able to use the CapitalOne app on my phone to authenticate with CapitalOne. For many other accounts I'm able to use a Google Authenticator app that generates codes on the fly.

Second, since you're only moving abroad for a year, I assume you'll be keeping your US number and thus paying some US provider for service that you won't really be using? You could just put your SIM in a cheap burner phone that you only use for 2FA.

Here's some discussion of the two-factor issue on NomadList.
posted by mskyle at 8:45 AM on November 1, 2021

Port your existing number to a free/cheap SIP provider. You'll have to pay to port your number, but so long as you have data/wifi, the number can be valid.

Note that at least my free/cheap SIP provider does not work well with many text MFA methods (they just never get recieved), and I need to use the "call" method.
posted by nobeagle at 8:45 AM on November 1, 2021 [2 favorites]

Would a Google Voice number work for your authenticating texts? If you set it up before you leave, you can get into it from anywhere that you can get online.
posted by anadem at 8:53 AM on November 1, 2021 [3 favorites]

my bank uses my current phone number as authentication when I call
People change phone numbers and have more than one, so they should have a process for this in place. You'll need to tell them you are moving and change mailing address with them, so do it then, in person. Lay out your question (including how to add a number and if they can do international) and write down what they say. Then, I would also call them later and verify the process and again write down what they say. They have notes on your account and you should also keep notes on what you are told in case something does not add up.

Your bank is one of the few places you can still expect personalized service, so take advantage of that.
posted by soelo at 9:07 AM on November 1, 2021

This may not work for you, but I kept my US number while living abroad. My US number was associated with my iMessage, so I was able to receive verification texts to my computer using the iMessage app while using wi-fi. I did not have an issue.
posted by quadrilaterals at 9:21 AM on November 1, 2021 [2 favorites]

I use Google Voice and I ported a line to Number Barn. I think it is $2/mo. If I get a text to that number including 2FA texts, it sends me an email with the message. I have never failed to get a text in time and I got to keep a long time number.
posted by AugustWest at 9:47 AM on November 1, 2021 [5 favorites]

I've used Google Voice for this and it works perfectly for receiving texts at a US number, no matter where you are. My Google Voice text log is pretty much nothing but MFA codes!
posted by whitewall at 9:47 AM on November 1, 2021

For what it's worth, authenticator apps like Authy or physical authentication like YubiKey are more secure than texting because SMS can be hacked.
posted by Anonymous at 9:50 AM on November 1, 2021

This was an issue for me when I moved abroad and when I returned home. Some systems have alternative authentication confirmations -- email, security questions, etc. Move to those if possible. You can also turn it off. You're good to get ahead of this. A new number via Google Voice might work but you want to make sure before you go.
posted by bluedaisy at 10:53 AM on November 1, 2021

Nthing the following points:
  • Switch as many accounts as possible to use an app-based MFA app like Google Authenticator or similar
  • Print out the backup codes for these accounts and keep them in a safe place. Note that anyone with these codes will be able to bypass MFA, so keeping them secure is important.
  • For anything where you must use SMS, I n-th the recommendation to get a Google Voice account and switch those accounts to use that number. That will be the cheapest way forward, and this way you can tackle the issue of MFA separately from whether or not you want to keep your existing US phone number alive or not.
  • You might consider getting a password manager like Bitwarden or 1Password and use randomly-generated passwords; it will improve your security for any case where you don't have MFA, and you can typically also use it as a way to store information other than just passwords securely.
  • Make sure you do all of this before leaving the country. It will be more difficult to do if you wait.

posted by Aleyn at 11:52 AM on November 1, 2021

Response by poster: Thanks everyone! I have set up a Google Voice account, linked to my US cell #. I will not be keeping my US cell # when I leave because it's a work account - does anyone know if the Google Voice account will cease to function when I leave work and the account is closed, or was that # just required for setup?
posted by my log does not judge at 12:28 PM on November 1, 2021

Unless they've changed something, it should last indefinitely. Having to provide one for setup is to reduce fraud and keep people from registering thousands of numbers.

I have encountered a few services that will not send 2FA messages to my Google Voice number so you'll want to test all of them before you lose your primary number. And as noted above, moving as much as possible to an authenticator app or token is ideal in general.
posted by Candleman at 12:36 PM on November 1, 2021 [1 favorite]

Actually I think you do need to have the account linked to an active cell phone number at all times . . .
posted by Anonymous at 2:42 PM on November 1, 2021

You might want to have a family member or friend's phone number as a temporary option to be the new number, if there's going to be a lag between when your work number stops being available to you and you have a new number abroad. This is truly one of the hassles of moving overseas, which is why folks are encouraging you to move away from two-factor via SMS.
posted by bluedaisy at 2:51 PM on November 1, 2021

Actually I think you do need to have the account linked to an active cell phone number at all times

Perhaps they made an exception for Fi users, but because they wouldn't allow Google Voice to be linked to Fi numbers, my GV number was not connected to anything for at least 5 years. And this Google support page from 2019 says:
After you have successfully set up a Google Voice number, you are not required to forward calls to that number. You can either simply turn off the call forwarding setting in GV settings, or you can delete the linked forwarding number.
That site is volunteer based rather than staffed by Google employees but seems fairly reliable.
posted by Candleman at 4:38 PM on November 1, 2021

« Older Are some of my deck joists rotten?   |   Why Can't I Be a Gracious, Grateful Lady? Newer »

You are not logged in, either login or create an account to post comments