Was just reminded by some of the things I’ve been reading online to make a Port Validation # for my tmobile account to avoid having my cell # ported to some thief’s account. It was quick and fairly painless. You can also have them switch from using your last 4 of primary accountholder’s SSN to confirm your ID to something else that the thief may not know (though I didn’t do that). The port validation # has to be 6-15 digits and something you can remember or look up so you don’t forget it (we record all of these security items into a spreadsheet), while others use a program or app.
If you can’t recall it, they will send you a one-time PIN to your cell # and you can use that to create a new Port Validation #. It’s HIGHLY recommended that T-Mobile folks do this to help slow down thieves from stealing your phone # in connection with stealing your assets if you have 2-factor ID and your phone receiving PIN texts.
H will be adding Port Validation to his account that S’s phone is also on as soon as he can decide on digits he likes and can remember. My account has me and D on it and is $60 for our 2 lines, including all taxes & fees with unlimited talk, text and data (no throttling), including international text and data.
You can add an alphanumberic password or phrase as well, in addition to the 4 digit PIN. You can also require than any changes be made in person at TMobile store (where ID has to be presented).
This is very important to any tmobile users because if you don't have this., T mobile just allow your number to be ported on the basis of someone just knowing the number and asking. Really, as T mobile just gives away the number, it isn't even just fraudulent, it is hugely negligent. Also it shines a light on how the use of SMS for 2 factor ID for banking is not a great idea. Google voice and any device only verification seems OK, otherwise email.
Actually you need the last 4 digits of SSN OR your password as well. Since so many of us had our SSNs stolen (Equifax, OPM, Anthem, etc), it’s recommended folks put strong alphanumeric passwords on their accounts instead of last 4 of SSN.
Since email can be hacked and compromised, it’s hard for me to see that as safer. I think sms messaging if you have your validation code and strong password would be better than email.
T mobile didn’t even ask for that. The port out they did was purely about having the phone number. I have 4 numbers under my name. The one that was a problem was the only one that was usable for 2 step verification via SMS at the bank in an account that is not mine LOL. All they needed was the phone number. T mobile are throwing anything at the wall that will stick as an excuse but the equifax theft was months ago, this hack was public months ago, even now t mobiles customers are not being made aware of the port validation unless they are proactive.
Phew, after some work, was able to switch my 2nd ID factor on my google account to our landline and the google app and the google Authenticator app. I had been lulled to believe sms messages with codes were secure. I only do financial transactions from our home desktop but guess I should review our finances more regularly. The bad guys are working overtime to steal whatever they can.
All SMS texts are by nature insecure. Folks needs to use other means for security. This is just a PSA because I had no idea myself.
Thanks for the reminder. I got a text from Tmobile about this last week but I forgot about it.
So… I called 611, and I gave them my phone number and the last 4 digits of my SS and they gave me a password that was a 6 digit number that I chose. Very easy… too easy!
I signed up with Tmobile a few years ago and got 4 lines for $100/month and have been pretty happy with them. I just added a 5th line and it only added $10/month to my bill!!
Actually, the SMS messaging issue is a serious security problem for all cell phones.
The porting phone numbers, you have to check with your carrier and ask what it takes to move your phone number from one phone to another in case you forgot your password, etc.
The harder and more inconvenient it is for you hopefully it is also tougher for thieves. My current carrier is T-Mobile, so that’s all I’ve been researching.
The longer and more complex your password, the better, according to my H, who worked with phone and computer security 45 years.
