Having the phone number as a fallback really kills the added security that an authentication app offers. I would like to remove my phone number as a backup, and instead have one time codes if I need them. Is there any way to do this? even if I don't have a backup I would rather re-create my account then have the phone number as a secondary 2FA option.
Click on My Account at the top of the program screen. Click on Account Settings. Click on Security. Make any changes needed in the Security section.
This does not help. The only option is to remove 2FA altogether and I do not want to do that. I would like to remove only my phone as an option, and leave the authentication app in place.
Apparently not. You must have a phone number for the 2 step verification.
See this TurboTax support FAQ - <a rel="nofollow" target="_blank" href="https://ttlc.intuit.com/questions/2902682-what-is-two-step-verification">https://ttlc.intuit.com/questions/2902682-what-is-two-step-verification</a>
Not a good idea but you could enter a fake number but that only leaves you with one valid option.
Phone numbers must be verified by text or voice call, so not really an option
This is hilariously bad. Intuit is obviously just requiring phone numbers so they can scrape information from people instead of giving them actual TOTP or Yubikey / Google Titan based MFA.
Cool way to ruin your MFA Intuit! Fix this dumbass garbage!
The OP is correct.
There SHOULD be a way of having the option to ONLY use an Authenticator app for 2FA.
SMS 2FA is outdated and NOT secure.
@crash345u You are posting on a old post that has already been answered. No need for that.
How do we request TT correct the security flaw?
The post may have been answered but the problem has not been resolved.
@crash345u How do you know its still a problem? If you are having a problem post your own question so someone can help you or give you the information you need. Jumping on old posts can get ignored.
is there an update to this? doesn't seem to be resolved. I can't find a way to remove phone number from 2fa even though I've added auth app. google and intuit search leads you straight to this thread, so would be good to add updated information
Please explain what you are specifically trying to do.
I specifically trying to do exactly what is described in this thread. therefore I posted in this thread instead of repeating the same question in new thread. not sure what I could add:
Having the phone number as a fallback really kills the added security that an authentication app offers. I would like to remove my phone number as a backup, and instead have one time codes if I need them. Is there any way to do this?
After recent cyber attacks on telecommunication even FBI warned to stop using SMS. As others have already pointed out in this thread you can only increase security if phone number is removed from 2FA in favor of authenticator app.
We can't help you with this in the community.
Please call TurboTax Customer service. Here is a link: Turbo Tax Customer Service
I called support and they had no clue what the problem even is.
TurboTax needs to provide the use the authenticator app as the SOLE method for authenticating. Keeping the use of texting a code is a joke.
You should be able to do this. Do you not have access to the phone number currently associated with your account?
Yes I have access to my phone and that phone number.
That is not the point.
I do NOT want a phone to be able to receive a code that allows access to my account.
I want access to my account to be restricted to ONLY the use of the authenticator app.
This is what I'm finding.
You can turn off the "opt-in" 2-step verification and switch to an authenticator, but you cannot completely remove a phone number from your account's "Multi-Factor Authentication" (MFA) safety net.
If you are already logged into TurboTax:
To switch to an Authenticator App (like Google Authenticator or Authy).
Will this require that the Authenticator app has to ALWAYS be used to sign in?
If not, then it is not secure.
I would think so. That's the whole point of 2FA and authenticator apps. Did you try it?