
I'll always setup an authenticator app and put SMS just as a backup - omidfi
I spent three days on emailing and calling Amazon UK, to be able to get into my account.<p>I have 2 phone numbers registered in the account, and none of them recieved the text messages that had the security code!<p>Amazon support was funny, it took me sometime to see clearly that they are just sending me different message templates. It was a loop:<p>1. I sent them an email.
2. They asked me to call. 
3. I called and they sent me the security code to my phone, which I still didn&#x27;t recieve. 
4. They asked me to send an email. 
5. They replied with: please call us!<p>I&#x27;ll always install an authenticator app instead of relying on text messages from now on.
======
j_s
For the record, phone numbers and SMS are a security vulnerability. Current
recommended best practice once a U2F token and authentiator app are setup is
to remove the phone number from the account (which may not be an option for
many services).

[https://techsolidarity.org/resources/security_key_faq.htm](https://techsolidarity.org/resources/security_key_faq.htm)

 _there are at least three reasons why you should avoid using text messages
for two-factor authentication.

· Your phone number can be easily hijacked by someone who calls the phone
company and pretends to be you.

· The text message can be viewed or redirected while en route to your phone.

· Many phones are configured to display text messages on the lock screen.

If text messages are the only way to add two-factor authentication to your
account, they are better than nothing. But if you can use an alternative
method, like an authenticator app or a security key, use that instead._

[https://news.ycombinator.com/item?id=14106578](https://news.ycombinator.com/item?id=14106578)

> tptacek: _The real answer for "why not SMS" is "because both teenagers and
> intelligence services can get a phone number redirected; your phone number
> is not your phone."_

------
bartoszhernas
1Password has build-in authenticator app, and it works great. I highly
recommend it instead of Google Authenticator.

~~~
tqkxzugoaupvwqr
Thanks for mentioning this! Had to look it up because it is hidden away in
1Password. Help[1].

[1] [https://support.1password.com/one-time-
passwords/](https://support.1password.com/one-time-passwords/)

------
forzo
Recently I faced same issue with SMS for my Digital Ocean account. Fortunately
I have my backup code to restore an account. Finally I moved to authenticator
based code. By the way, Digital Ocean support is much more better than Amazon.

------
CodeWriter23
Just remember to copy the TOTPs to your new phone or use a password manager
that stores them for you.

------
segmondy
Are you using a virtual number? Some companies don't send text to virtual
numbers such as Google numbers.

~~~
omidfi
No it's a normal cellphone number

