My own 2FA app locked me out of my bank account

Last Tuesday I went to pay a bill and realized I couldn't get into my bank account. The authenticator app on my phone had reset itself overnight, no idea why. No backup codes saved anywhere either, dumb move on my part. Had to call the bank and sit on hold for 45 minutes to prove my identity. They ended up disabling 2FA on my account and I had to set it all up again from scratch. Now I keep a printed list of backup codes in my desk drawer. Anyone else had a phone update wipe their authenticator data?

3 comments

3 Comments

reesemoore20d ago

Read that Yubico thing @sullivan.finley mentioned, hardware tokens seem like a solid backup.

alice_palmer2020d ago

Banks trusting phone updates as backup is like using a chocolate teapot for a rainstorm.

sullivan.finley20d ago

My iPhone updated to iOS 17.2 and wiped my authenticator app clean last month too, it's a known bug with that specific update lol. The real issue nobody talks about is how banks let you use these apps as the only backup method without warning you about update risks. I actually found out you can use something like a hardware token from Yubico as a backup 2FA method with most major banks, way more stable than trusting your phone updates. Also pro tip, take a screenshot of your QR setup code and email it to yourself encrypted, that way you can always rescan it if the app resets. The backup codes thing is smart but make sure you store them somewhere fireproof just in case.