SMS Login Verification - Argh

Status
Not open for further replies.
Vic said:
This was some time ago, 2010 ish that I can remember, and earlier. No issue now, just don't agreed with the claim that Australian telcos have never charged to receive SMS
Click to expand...

Telstra definitely charged to receive incoming SMS when overseas. I’m not sure when it stopped. Possibly the last 5 years or so. I would have old company phone bills in our archives which prove it.
 
Unlock 20,000 Bonus Points on just $10K in Business Expenses
Turn business expenses into Business Class! Process $10,000 through pay.com.au to score 20,000 bonus PayRewards Points and join 30k+ savvy business owners enjoying these benefits:

- Pay suppliers who don’t take Amex
- Max out credit card rewards—even on government payments
- Earn & Transfer PayRewards Points to 8+ top airline & hotel partners

AFF Supporters can remove this and all advertisements

Depending on your account there is still a charge from any telco to receive SMS when overseas. I also remeber when there was a charge to recieve a mobile phone call, even junk calls.
 
ALH said:
Telstra definitely charged to receive incoming SMS when overseas. I’m not sure when it stopped. Possibly the last 5 years or so. I would have old company phone bills in our archives which prove it.
Click to expand...

It's been at least 10 years since the major Australian carriers charged to receive SMS while roaming. I lived overseas from late 2010 to early 2012 and researched it quite thoroughly before leaving. Threads on Whirlpool from the time confirm it was the case..

Is it free to receive TXT while overseas - Mobile carriers - Whirlpool Forums

forums.whirlpool.net.au forums.whirlpool.net.au

I'm sure it would have been charged at one point though.

Anyway, back on topic - I've set up TOTP 2FA and while it's working fine, the QR code data disappointingly includes my QFF number. Considering QF tell us to be careful with our QFF numbers and they've since removed it from BPs for privacy reasons, I'm surprised they decided to include it.

If someone were to have access to my (unlocked) phone, we're back in the position where they just need to guess a bloody 4-digit number. Frustrating.
 
jbman said:
I noticed in my account update email today they announced you can use an authenticator app
Click to expand...

About time. I just set mine!

I don't use my AU SIM whilst overseas so it has been a massive pain whenever I needed to log in.
 
OOPS, Many apologies. I am on prepay Australian account with no roaming but live in NZ. My account is curently not topped up, and you will understand why, and until the SIM expires it seems I can receice SMS. Apologies again. Obviously I can't send an SMS nor receive phone calls.

or make phone calls.
 
Last edited by a moderator:
Anyway, I haven't recieved the verification email from Qantas.
 
I have been getting into my account, by answering challenge questions. So, what's the point of this app? And why all the complains here? Have I missed something?
 
Can you sign up to use the authenticator app from the Qantas app, or do you have to use the full web site? I rarely get either the SMS or the challenge questions - it usually just goes through fine with the PIN - so I'm less affected than some people in this tread.

@Chicken , note that challenge questions are quite insecure (even worse than SMS), so the move to Authenticator apps, which is one of the best forms of 2-factor authentication, is being applauded in terms of increasing the security of the account.
 
jpp42 said:
@Chicken , note that challenge questions are quite insecure (even worse than SMS), so the move to Authenticator apps, which is one of the best forms of 2-factor authentication, is being applauded in terms of increasing the security of the account.
Click to expand...

When I log in, I have to provide the 4 digit PIN, then presented with a challenge question.

For what it is worth, the 4 digit PIN was generated by my password generator (Keepass), and if I am really worried, I could simply get my password generator to generate a random password for each question, so it would be extremely secure.

Hence, I don't know why are people complaining about SMS and mobile app?
 
Chicken said:
if I am really worried, I could simply get my password generator to generate a random password for each question, so it would be extremely secure.
Click to expand...
Fair point - I did mean that if challenge questions were taken at face value and actually answered accurately, they pose a risk.

I use a fake birthdate for non-important web sites that ask for it, as a simple obfuscation point. As you note, you could use random strings for those challenge questions instead of what they actually ask for, if you wanted.
 
Sometimes I have not received the SMS from Qantas so had to answer the questions. No big deal, as long as I remeber how to spell my mother's maiden name (it's not Smith or Jones) and the date I joined FF.
Post automatically merged:

*remember
 
Chicken said:
When I log in, I have to provide the 4 digit PIN, then presented with a challenge question.

For what it is worth, the 4 digit PIN was generated by my password generator (Keepass), and if I am really worried, I could simply get my password generator to generate a random password for each question, so it would be extremely secure.

Hence, I don't know why are people complaining about SMS and mobile app?
Click to expand...

You're missing the point of multi-factor authentication. The idea behind it is there are two different factors. Something you know, you're password/pin/answers to questions and something you have, you're phone.
 
On post paid plans Optus has never charged for receiving SMS oversea. Ive taken my phone overseas (roaming on, data off) every year since 99 and have never once been charged to receive SMS, only to send SMS, People mistakingly enable those $10 a day feature (not necesary on post paid).

Ive been on several plans over the years too.
 
But if you get a local SIM to avoid high data fees (even $10/day is quite high for many), you have to change the SIM in and out to receive SMS's from companies/banks. This is the reason I don't like it. Unfortunately, dual-SIM phones are still not that common (iPhone has never had them).

My bank has switched to using iOS notifications to deliver a confirmation code. I'm not sure that's any more secure than an SMS. It does have the advantage of being less susceptible to the phone number being ported without my knowledge.
 
Status
Not open for further replies.

Become an AFF member!

Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.

AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!

AFF forum abbreviations

Wondering about Y, J or any of the other abbreviations used on our forum?

Check out our guide to common AFF acronyms & abbreviations.

Recent Posts

Staff online

Currently Active Users

... and 18 more.
Total: 251 (members: 68, guests: 183)
Back
Top