2FA while overseas (Google Voice doesn't support short-SMS codes?)

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills
Post Reply
Topic Author
LeftCoastIV
Posts: 256
Joined: Wed May 01, 2019 7:19 pm

2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by LeftCoastIV »

We are preparing for a move to Europe, from the U.S., and I am trying to sort out how I will keep accessing my online accounts using two-factor authentication (2FA) after we move.

I was planning to use Google Voice with a U.S. number, but Google Voice apparently no longer supports short-SMS, or more accurately banks won't allow short-SMS to be sent to non-carrier numbers, from what I've read.

An authenticator app like Microsoft Authenticator or Google Authenticator would work, but very few online services appear to support TOTP as an authentication option.

My current thinking is to use 1Password as a password manager for all my sites, and then set-up 2FA for 1Password itself (using Microsoft Authenticator). I don't love the idea of all of my passwords being stored in one place though, even with 2FA.

Any ideas?
j0nnyg1984
Posts: 752
Joined: Sun Apr 24, 2016 9:55 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by j0nnyg1984 »

I don’t know what “short-SMS” is, but I get 2FA from many institutions on my GV number, including banks and my doctor’s portal website. I think the only place that my GV number WON’T work for a text code is Wells Fargo, so I just have them call me.

Is email an option? I know BoA offers to email my code.
Topic Author
LeftCoastIV
Posts: 256
Joined: Wed May 01, 2019 7:19 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by LeftCoastIV »

j0nnyg1984 wrote: Thu Oct 29, 2020 11:38 pm I don’t know what “short-SMS” is, but I get 2FA from many institutions on my GV number, including banks and my doctor’s portal website. I think the only place that my GV number WON’T work for a text code is Wells Fargo, so I just have them call me.

Is email an option? I know BoA offers to email my code.
Short-SMS are the texts you receive from your bank websites or similar with numbers like 20736 (rather than a fully-formed ten digit phone number). From reading online, I had understood that sending these messages to Google Voice was no longer supported. It sounds like this may be wrong based on your experience.
j0nnyg1984
Posts: 752
Joined: Sun Apr 24, 2016 9:55 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by j0nnyg1984 »

LeftCoastIV wrote: Thu Oct 29, 2020 11:41 pm Short-SMS are the texts you receive from your bank websites or similar with numbers like 20736 (rather than a fully-formed ten digit phone number). From reading online, I had understood that sending these messages to Google Voice was no longer supported. It sounds like this may be wrong based on your experience.
Gotcha. Yes, I have a stack of texts from these short numbers in the last month - Merrill edge, my doctor portal, amazon, Marcus bank, HSBC, the global entry .gov website, etc.
TravelGeek
Posts: 4043
Joined: Sat Oct 25, 2014 3:23 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by TravelGeek »

LeftCoastIV wrote: Thu Oct 29, 2020 11:33 pm We are preparing for a move to Europe, from the U.S., and I am trying to sort out how I will keep accessing my online accounts using two-factor authentication (2FA) after we move.

I was planning to use Google Voice with a U.S. number, but Google Voice apparently no longer supports short-SMS, or more accurately banks won't allow short-SMS to be sent to non-carrier numbers, from what I've read.

An authenticator app like Microsoft Authenticator or Google Authenticator would work, but very few online services appear to support TOTP as an authentication option.

My current thinking is to use 1Password as a password manager for all my sites, and then set-up 2FA for 1Password itself (using Microsoft Authenticator). I don't love the idea of all of my passwords being stored in one place though, even with 2FA.

Any ideas?
You should use a password manager with a strong pass phrase in any case, and all passwords stored in the password manager should be strong passwords. I think that is orthogonal to the question of how to best deal with 2FA for the individual sites.
trigger08
Posts: 50
Joined: Wed Aug 15, 2007 1:58 pm
Location: HK

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by trigger08 »

I am currently overseas and use GV as my USA phone number. GV certainly supports short codes, the issue is some banks/institutions will not, or cannot, send them to GV for some reason. You might be able to search around and see if other GV users have reported issues with your particular bank(s). Off the top of my head I know I have recently received codes from Vanguard, Fidelity, and Capital One.

I try to use 1password and its ability to be a 2FA app (with Google Authenticator) whenever sites support it, instead of relying on phone/email as the second factor.
AlohaJoe
Posts: 5685
Joined: Mon Nov 26, 2007 2:00 pm
Location: Saigon, Vietnam

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by AlohaJoe »

trigger08 wrote: Fri Oct 30, 2020 12:28 am the issue is some banks/institutions will not, or cannot, send them to GV for some reason
It's not just Google Voice they won't send codes to. I've heard reports that they won't send them to any (known) VOIP/software type phone number. i.e. they really want it to be a physical phone with a physical SIM.

The biggest risk you run is that even if Google Voice works today, your bank might change their policy in one, or three, or five years and then you'll be locked out of your account until your next trip back to the US.

That's what happened to me.

It is better just to find a bank that offers non-SMS solutions. Schwab does, so I use them now.
User avatar
JoMoney
Posts: 10557
Joined: Tue Jul 23, 2013 5:31 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by JoMoney »

Weird. I haven't had problems using GV to receive 2FA messages from banks/financial firms.

There was one time I called Capital One bank on the phone, and despite having successfully received 2FA messages from there website, the call-center operator on the phone couldn't send me a message because the GV number I was providing was in their system as being a land-line (not a mobile number). I don't understand why even that was a problem, because some land-line numbers are ported to cell-phones, and some land-line numbers are even capable of receiving SMS messages... but any rate, that was the only issue I've ever had with it, and have been able to continue using GV for 2FA in every other circumstance with multiple financial institutions (including on the website with Capital One).
"To achieve satisfactory investment results is easier than most people realize; to achieve superior results is harder than it looks." - Benjamin Graham
newguy123
Posts: 105
Joined: Tue Oct 13, 2020 8:44 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by newguy123 »

The 2FA through text are kind of outdated now, most use the authenticator apps like google auth. The problem with the SMS codes is the whole phone port out scams that happened. Try to see if whatever app/site you are using supports the auth type through the authenticator app
Would I rather relax and make money or make money and relax ?
Topic Author
LeftCoastIV
Posts: 256
Joined: Wed May 01, 2019 7:19 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by LeftCoastIV »

newguy123 wrote: Fri Oct 30, 2020 8:38 am The 2FA through text are kind of outdated now, most use the authenticator apps like google auth. The problem with the SMS codes is the whole phone port out scams that happened. Try to see if whatever app/site you are using supports the auth type through the authenticator app
Unfortunately, support for authenticator apps is really low right now with financial websites. I can't think of a single one that we use that supports it right now (Vanguard, Fidelity, Ally, Wells Fargo, B of A, Personal Capital, etc.)
michaeljc70
Posts: 7393
Joined: Thu Oct 15, 2015 3:53 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by michaeljc70 »

I use GV and the only company I recall having an issue with is Chase. For them I have them send the code via email. I wish Chase would fix that (I'm sure they would say it is working as expected).
Lee_WSP
Posts: 3808
Joined: Fri Apr 19, 2019 5:15 pm
Location: Arizona

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by Lee_WSP »

LeftCoastIV wrote: Fri Oct 30, 2020 11:31 am
newguy123 wrote: Fri Oct 30, 2020 8:38 am The 2FA through text are kind of outdated now, most use the authenticator apps like google auth. The problem with the SMS codes is the whole phone port out scams that happened. Try to see if whatever app/site you are using supports the auth type through the authenticator app
Unfortunately, support for authenticator apps is really low right now with financial websites. I can't think of a single one that we use that supports it right now (Vanguard, Fidelity, Ally, Wells Fargo, B of A, Personal Capital, etc.)
Fidelity uses Symantec and vanguard can use a yubikey iirc.
nalor511
Posts: 1141
Joined: Mon Jul 27, 2015 1:00 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by nalor511 »

A ton of companies can successfully send 2FA to GV. A couple can't. The % is heavily weighted toward those who can, if I were you, I might just try and see.

Someone above mentioned Chase cannot, and that's been my experience. There's been one other, that does not come immediately to mind though.
j0nnyg1984
Posts: 752
Joined: Sun Apr 24, 2016 9:55 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by j0nnyg1984 »

AlohaJoe wrote: Fri Oct 30, 2020 6:23 am The biggest risk you run is that even if Google Voice works today, your bank might change their policy in one, or three, or five years and then you'll be locked out of your account until your next trip back to the US.

That's what happened to me.

Wow. Buy a prepaid SIM from a US GSM carrier and use it internationally for 2FA 😂🤦🏻‍♂️
Topic Author
LeftCoastIV
Posts: 256
Joined: Wed May 01, 2019 7:19 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by LeftCoastIV »

j0nnyg1984 wrote: Fri Oct 30, 2020 1:57 pm
AlohaJoe wrote: Fri Oct 30, 2020 6:23 am The biggest risk you run is that even if Google Voice works today, your bank might change their policy in one, or three, or five years and then you'll be locked out of your account until your next trip back to the US.

That's what happened to me.

Wow. Buy a prepaid SIM from a US GSM carrier and use it internationally for 2FA 😂🤦🏻‍♂️
That is an option, but you would need to swap in your US SIM card every time you want to log-in, and pay an int'l SMS fee for each log-in. That's too high on the hassle-meter, IMO, for regular use. I suppose a dual-SIM phone could help, but we all have iPhones.
Topic Author
LeftCoastIV
Posts: 256
Joined: Wed May 01, 2019 7:19 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by LeftCoastIV »

nalor511 wrote: Fri Oct 30, 2020 1:11 pm A ton of companies can successfully send 2FA to GV. A couple can't. The % is heavily weighted toward those who can, if I were you, I might just try and see.

Someone above mentioned Chase cannot, and that's been my experience. There's been one other, that does not come immediately to mind though.
I'm planning to be in Europe in a couple of weeks, so should be a good opportunity to "test" GV over there. I'll need to make sure I have a second 2FA option for every account, I think, in case GV stops working in the future.
AlohaJoe
Posts: 5685
Joined: Mon Nov 26, 2007 2:00 pm
Location: Saigon, Vietnam

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by AlohaJoe »

LeftCoastIV wrote: Fri Oct 30, 2020 5:40 pm That is an option, but you would need to swap in your US SIM card every time you want to log-in, and pay an int'l SMS fee for each log-in. That's too high on the hassle-meter, IMO, for regular use. I suppose a dual-SIM phone could help, but we all have iPhones.
Instead of swapping SIMs, it is easier just to buy a second phone. I can buy a Nokia 105 for $15, which is all you need to receive 2FA SMS messages. The easiest solution, though, is to switch to a bank that doesn't send SMS and instead relies on a software token. But a lot depends on how long you'll be overseas. There are big differences between going overseas for 3 months, 1 year, and "forever".
hood
Posts: 12
Joined: Sat Feb 04, 2017 4:50 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by hood »

Anyone else notice GV not working today? Wonder if just a blip or they changed something. Site says sent but GV message never appears.
word
Posts: 409
Joined: Wed Dec 01, 2010 9:32 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by word »

Using a password manager is now considered best practice. We use 1Password.

While storing all of your passwords in one place can make you uneasy, you're able to protect your password manager account with a strong password and 2FA (including a hardware key like Yubikey). It also means you can have extremely secure, very random passwords for all of your other accounts making them less prone to issues.

I would recommend moving any accounts you can to TOTP, SMS isn't considered secure anyway, though I think it is way better than nothing. I don't know about other password managers, but 1Password does allow your TOTP tokens to be stored there as well.

For services that only support SMS for 2FA you might consider a proper VOIP number or jettisoning the service or just going without 2FA depending on the service obviously. I would never do that with email, but email providers tend to support TOTP so this isn't an issue. A service like the bogleheads forum doesn't really warrant 2FA. Those are two extreme examples, but you get the idea.

I would be VERY reticent to put any faith in google voice at this point. The product has been severely neglected by Google and just FEELS like something they're going to kill off one day. Then you'll be left to scramble because you need to update your phone number on all of these sites so that you can still access your accounts.

Good luck.
User avatar
beyou
Posts: 3531
Joined: Sat Feb 27, 2010 3:57 pm
Location: Northeastern US

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by beyou »

Look at Anveo which seems to have web based incoming sms for $0.01/txt. Can test with your websites without any monthly fees. There are upgrades with monthly but a basic service with only the penny/text fee. Don’t know that this is any better than GV in terms of widespread acceptance.

https://www.anveo.com/consumer/service.asp

A burner phone with US number and prepaid to keep cost down seems like a good alternative if Anveo or GV does not work for your particular providers. Have only found a
handful that would not allow GV.
freedom66
Posts: 57
Joined: Thu Jan 22, 2015 2:51 pm

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by freedom66 »

Although Google Voice is currently able to receive 2FA codes from Vanguard (either text or voice works), there is also another option for receiving 2FA codes when out of the U.S.:

Vanguard recently introduced the ability to add a secondary phone number to send a 2FA code, and the number can be a foreign number. A little problem is that you are usually already out of the country before you buy a foreign-carrier SIM card. To get around this:

- you can call Vanguard to disable the 2FA requirement before you travel, then you would be able to log on and put in your foreign number as soon as you get it and enable the 2FA requirement.

- if Vanguard recognizes your device then you will not need a 2FA code....but you may or may not want this when you are out of the country.
nalor511
Posts: 1141
Joined: Mon Jul 27, 2015 1:00 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by nalor511 »

hood wrote: Wed Jan 13, 2021 6:41 am Anyone else notice GV not working today? Wonder if just a blip or they changed something. Site says sent but GV message never appears.
Yes it's been a little iffy for me Tues/wed for 2fa

I do not know why, or if I've missed other messages. It's not delayed, they just never come in. I have another line as backup, which worked, so I assume it's GV with the issue
skis4hire
Posts: 15
Joined: Thu Oct 11, 2018 12:54 am

Re: 2FA while overseas (Google Voice doesn't support short-SMS codes?)

Post by skis4hire »

very few online services appear to support TOTP as an authentication option
Which ones are you concerned about?
I only care to use 2FA for financial institutions and primary identity/email, I haven't run into a financial institution that doesn't offer non-SMS 2FA including my credit union.
Anything else you're probably fine with a password manager.

Also, for TOTP, look into something like yubico keys for a physical backup.
Post Reply