Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

10 comments on “Why Am I Being Asked for Additional Verification on Sign-in?”

  1. I had this same type of problem, but it was with gmail with 2 factor authentication. I changed my password as requested but then I got to thinking, how could this happen? Google told me when it happened and what kind of phone was used, which wasn’t mine. I never sign in anywhere but my desktop in my home. The only weak link I can come up with is the IP is an open WiFi connection provided to the whole complex by someone the landlord contracts with. Could be anybody on that open WiFi, or anyone able to monitor that WiFi.

  2. I have 3 alternate emails for all of my accounts. This gives me alternate methods in case I lose access to one. My primary residence is in Germany and when I travel to the States, I still can receive text messages on my German phone and it’s even free. I believe that works because I use a GSM based SIM card. The CDMA system is used by most US wireless providers and those phones don’t work in most other countries. In the US, T-Mobile and AT&T use the GSM SIM card system and I’m wondering if anyone trading this has had any experience successfully receiving a text in any other country from a US phone. I might be able to experiment with that.

  3. For work I’m traveling on a weekly basis, so this actually is a really big problem as I’m unable to access my work email’s. First time it happened I had set up to text me, and for some reason it did not work. As I log in from the same device but from a different location, I just got a VPN (I use NordVPN because I often use public wifi so I have to encrypt my information and they are based in Panama) and when I’m travelling I set the location so it seems that I’m from the same place. Sometimes it asks for verification but not for my other emails.

  4. I’m wondering if having a Google Voice phone number could help. I think that texts sent to that number can be forwarded to your choice of devices/accounts. Is there a way to use this when the worst happens and you can’t otherwise verify?

    • This article thinks Google Voice is great for travel:

      Note, however, that some businesses will not send confirmation codes via text message to services such as Google Voice, which is VoIP and actually considered a land line. I can attest that Wells Fargo bank won’t, and have come across others. That said, when you set up 2FA for any site, add *both* your Google Voice number and your wireless carrier (cell phone) number and you should be covered.

  5. You don’t need to be traveling for this to happen. I’ve had it happen periodically sitting in my own house. It’s happened with various financial institutions as well as other online accounts. I presume it has something to do with cookies being cleared. The message often says something to the effect of not recognizing the computer I’m using, even though the same computer worked last week. And once I re-authorize the computer, all is well for a few weeks. I’m not manually clearing the cookies, so it may be Windows Defender or some other software doing it.

    • Cookie clearing will absolutely cause this, though Windows Defender does not clear cookies. Using a different browser might cause it since each uses its own collection of cookies. And some cookies have expiration dates, which is perhaps the most common cause.

      • One question I’ve had for a while is, what purpose does expiring cookies serve. It seems a s unnecessary as periodically changing your passwords when nothing has been compromised.

        • It’s a safety net. Login to a computer, walk away for days, weeks, months — you don’t want random person to walk up and be able to access your account. (It’s a site decision, FWIW — cookies can be told to expire in YEARS, allowing for effectively infinite expiration.)

          • I’m thinking more of the cookies that expire after a few days, week or months. It seems like cookies should either expire immediately on logoff to the website, for example, banks or any websites dealing with money. Facebook, on the other hand, keeps their cookies alive almost forever, and that really is a target for prank posts by friends or relatives.

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.