
Ask HN: Which U.S. wireless carrier best protects from phone number hijacking? - whitepoplar
Given the importance of phone numbers for security nowadays, I&#x27;m curious to know which U.S. wireless carrier(s) has the best procedures in place for preventing unauthorized use&#x2F;takeover of a phone number? Ideally, I wouldn&#x27;t be asking this question, but many services still use SMS in their 2-factor auth process and it&#x27;s scary to think that someone can take over an account by tricking a carrier&#x27;s customer service agent. Any experience with this?
======
LUmBULtERA
I use a Google Voice number for this task. To me it seems more secure, and
privacy of carrier SMS vs. GV is debatable. It's also "portable" so I can
switch carriers and a phone's actual number without switching my 2FA phone
number. I'd be interested in hearing what other people think about this.

~~~
chatmasta
It's not a bad idea but it definitely has downsides. For example, if your GV
number is on the same Google account as your email, and you use the GV number
for 2fa, then you've turned two points of failure into a single point of
failure. The point of 2fa is to use "something you have access to" and
"something you have" (e.g. a device). By using the same account for both steps
of 2fa, you defeat the purpose of it, _in the event your Google account is
compromised._ Whether that is safer than the status quo of a 2fa SMS number at
a wireless carrier is up for you to decide.

~~~
LUmBULtERA
Oh, I thought this would only be used only for services that do not allow
other forms of 2FA. For example, my google account is protected by U2F
security tokens.

