The Facts on two-factor Authentication

Posted on 02/16/23

One way to protect yourself from identity thieves is by opting into two-factor authentication. This means that to log in to a given site, you enter your password, and then are prompted to enter an authentication code. You either receive the code via text, phone, or email, or you use an app that generates the code. Once you enter that code, you are able to log in. This additional layer of security is meant to protect you in case a criminal has your login information. But like other protections, scammers have found a way around it.

Credit reporting company Experian warns that scammers are using bots — automated programs — to convince people to share their two-factor authentication codes. The bot makes a robocall or sends a text that appears to come from a legitimate entity, like your bank . It asks you to authorize a particular charge, and if you didn’t recognize the charge, to enter your authentication code. In reality, the bot is trying to log into your account, but it needs that code to break in.

Two-factor authentication codes work as intended, but if a criminal is able to convince you to share it, it has no value. Anytime you are prompted by an unsolicited communication to share a recently received authentication code, it’s a scam. Change your password to that account ASAP.   

Be a fraud fighter!  If you can spot a scam, you can stop a scam.

Report scams to local law enforcement. For help from AARP, call 1-877-908-3360 or visit the AARP Fraud Watch Network at www.aarp.org/fraudwatchnetwork.


Explore the free AARP HomeFit Guide

AARP Events for Norton

View All AARP Events

image of two AARP membership cards
Only $12 your first year with Automatic Renewal
  • Immediate access to your member benefits
  • Discounts on travel and everyday savings
  • Subscription to AARP The Magazine
  • FREE second membership
Join AARP
Already a member? Renew or Print Card

Contact AARP
Texas