-
Well I got it working eventually. The 2FA via “email code” that seems to be set up by default didn’t work for me – “Bad request”. Neither did the “Set up 2FA link” via my email “in email browser” (still Chrome) – same result. But copying/pasting the link into a normal browser tab worked, and easy enough to set up with Google Authenticator.
Praise the Lord! Welcome to 1997. 😉
<soapbox>
(On a technical note, the “2FA recovery key” completely (IMHO) defeats the purpose of 2FA. You can use it to login as an alternative to your 2FA. Like a second password. That people can’t remember so need to store somewhere. Probably in cleartext on whatever device they are using. So now you can login with TWO things you know, which is NOT 2FA) </soapbox>I had the same issue! on a different note, on my last BA flight back in March I did not receive the pre departure/check-in email and only received it yesterday almost four weeks after the flight! The gift that keeps on giving lol
On a technical note, the “2FA recovery key” completely (IMHO) defeats the purpose of 2FA.
It’s not quite as bad as that, although it is not ideal. Having said that, SMS is also pretty weak as a second factor for high-value accounts. Most people still have unlocked physical SIMs and notifications with summaries on, and as a result many organisations are moving away from SMS.
This is a considered piece on the relative strengths and weakness of various additional login steps, from people who understand, have no axe to grind and no product to sell: https://www.ncsc.gov.uk/blog-post/what-if-a-service-changes-your-2-step-verification-options
Your link is for 2SV, not 2FA. SMS is still a good option as it is the “something you have” (phone). Of course the best solution is to get a password manager (I use Lastpass) and store all your randomised passwords (I have 500) in a secure vault. Shared passwords and phishing is probably the biggest issue.
If you don’t want you money/Avios, use a weak password or one you use elsewhere. I have no idea what my BA password is. But according to my password vault it is dEss8U3MvfGCmGD . NOTE: I have changed/added/deleted one character. Good luck hacking that!
I’m now getting the following message when trying to log in to BA
Check your preferred one-time password application for a code.
My preferred application was email, because I had issues with changing the number for 2FA from a number I don’t use anymore. But I now appear to be completely locked out of my account. Anyone else?
I’m now getting the following message when trying to log in to BA
Check your preferred one-time password application for a code.
My preferred application was email, because I had issues with changing the number for 2FA from a number I don’t use anymore. But I now appear to be completely locked out of my account. Anyone else?
Call BA. It’s not impossible someone has set up/changed a second factor to lock you out. When you’re on the phone ask to check your recent transactions.
Thanks @memesweeper.I have called them. My details are all correct and there are no concerning transactions. I don’t think this is a fraud issue. I think it’s a BA IT competence one.
Thanks @memesweeper.I have called them. My details are all correct and there are no concerning transactions. I don’t think this is a fraud issue. I think it’s a BA IT competence one.
Good news you’ve not lost any points, but judging from other reports here, getting the 2FA reset may be very tricky.
- You must be logged in to reply to this topic.
Popular articles this week:
