‎Turn Off 2-Factor Authentication | SimpliSafe Support Home
 
garskof's profile

Monday, September 5th, 2022 9:39 PM

Turn Off 2-Factor Authentication

How do I turn off 2-Factor Authentication?

Don't get me wrong, I think it is a good thing, but because SimpliSafe does not support multiple accounts it is fundamentally broken. My wife and I both use the SimpliSafe App on both iPhone and iPad and the web site on our Mac's. Each time SimpliSafe wants to do a 2-Factor authentication, which is once a month, it sends the code to my phone and only my phone. Hence my wife has to ask me to please tell her what the code is, every 30 days, sometimes more often if she uses both the iPhone and iPad app (it is once every 30 days per app). 

This is just broken. SimpliSafe, how do I turn off 2-Factor until such a time as you support multiple accounts (one for me and one for my wife)?

Official Response

Community Admin

 • 

5.2K Messages

 • 

50 Points

1 year ago

Hi @garskof,

The solution you're looking for is to add a second contact for the 2FA confirmation. To do that, head over to the app on your own phone (assuming you're already logged in) and go to Menu > Manage Account > Multi-Factor Authentication. From there, you can create a second contact.

After that, whenever you want to log in, and after you enter your username and password, you'll be asked to send a confirmation to your phone. If you hit the > on the right of your phone number, you can select any other phone number you have added to your account.

6 Messages

@davey_d​ 

Thanks Davey. I set that up. It is a bit non-obvious that you can do that. In most 2FA systems adding another factor means adding a different factor, as in a SecurID, Fingerprint reader, FaceID, etc. It normally does not mean another of the same type, just with a different configuration. But, now that I know, it is easy to set up. Thanks!

Captain

 • 

5.7K Messages

 • 

110 Points

1 year ago

@garskof I believe you go into the phone app, my account, 2FA and shut it off.  I did only because the current 2FA isn't too secure anyway. Also, Simplisafe, you recommend it in your app and then say eventually you will require it? Not a happy camper on that at all, unless, you will support a 3rd party authentication app like Google's, or others.

6 Messages

@captain11​ Unfortunately you can not turn off 2FA in the app. If I go to where you define it just lets me change the number that SimpliSafe calls for 2FA. If you try and delete it the app says that you must have at least one authentication method. If you try and add an authentication method it says that phone is the only one supported. So there is no way to remove 2FA and just use UID/Pass (aka 1FA).

I am not against 2FA in fact I am happy they support it. The problem is that they only allow one account, so everyone in my home who needs to use the app must share that one account (one UID/Pass). Hence when SS does its 2FA by texting my phone, it always texts MY PHONE, not my wife's phone. So if she wants to look at the cameras and it asks for 2FA, she has to text me wherever I am, and I have to send her the pin, so she can then get into her own application. That is just flat out broken. SS needs to fix that, it is a bug in their design. They should allow us to turn off 2FA until they can get multi account done right. 

Community Admin

 • 

5.2K Messages

 • 

50 Points

@captain11​ I really wouldn't say that, captain. We were very careful in our choice of authentication system, to meet very strict adherence to industry standards. Not going with a third party app also means that we're not dependent on those external services.

But yes, as I understand it, 2-Factor Authentication is now required.

(edited)

1 Message

You definitely have to fix this. Every time I get an alert, I grab my phone and have to go through the sign in and authentication process and THEN I GET TO SEE THE EVENT AFTER IT ENDED!!  at least allow facial recognition or something that keeps my and my wife’s phones connected without interruption. No more 30 days BS.  Otherwise this is NOT a security system, it’s YouTube. 

Captain

 • 

5.7K Messages

 • 

110 Points

@davey_d​ Respectfully, 2FA via SMS is not secure in my, and many others, opinion. Further, using SMS for 2FA is the easy, and less expensive way. I also do not see a risk supporting 3rd party authentication apps. We agree to disagree on this one.

Advocate

 • 

677 Messages

 • 

10 Points

Respectfully, 2FA via SMS is not secure in my, and many others, opinion. Further, using SMS for 2FA is the easy, and less expensive way. I also do not see a risk supporting 3rd party authentication apps.

Mark your calendars people, Captain11 and I wholeheartedly agree on something w/o reservation! :)

@davey_d  You mentioned "in accordance with industry standards" earlier but most IT Security folks will tell you that SMS is better than no 2FA at all but far worse than any of the many commonly available authenticator apps like Google Authenticator. (Some IT Security folks will tell you that using SMS for 2FA is worse than nothing as it imparts a false sense of security!) I'm hoping that the only reason you're sticking with SMS now is because you don't yet have multiple accounts implemented. Please please please make sure your product managers and developers know that we want OTP authenticators as an option in the future. You're a security company and you all should offer higher levels of security. (Even OnlyFans offers 2FA via authenticator app! :P )

1 Message

1 year ago

2FA is a deal killer for me. Just ordered a system and now I see this. Will be returning it. I can’t believe you would force this on people who don’t want it. 

23 Messages

1 year ago

2FA sucks  I am tired of passing codes out to my family  and god forbid I  can't get it to them ,, they have to set off the alarm and get to the keypad  

Captain

 • 

5.7K Messages

 • 

110 Points

@zimerclan​ Due to the fact the code can only go to the main account owner, it does make 2FA not work for many, and the previously mentioned SMS process is hardly bulletproof.

(edited)

Community Admin

 • 

5.2K Messages

 • 

50 Points

@zimerclan​ Multi-Factor Authentication is an essential part of keeping your account secure. But you can set it up to send the confirmation codes to other phone numbers - so you don't need to be the middleman during logins. We have the step-by-step here.

1 Message

10 months ago

I agree with the criticism. Forcing customers to use authentication is wrong. I don’t like using phone numbers for authentication. I prefer to use email. Even my bank allows that! Now when I need to change my phone number it’ll be a big mess. I’m sure to be locked out again. What a pain. The “recovery code” is 24 characters long. It’s possible to write that down wrong. It’s so easy to spy on phones. Why would I store that code on my phone? SimpliSafe can do better than this. 

Advocate

 • 

677 Messages

 • 

10 Points

10 months ago

@capred 

Now when I need to change my phone number it’ll be a big mess.

How often are people changing their phone numbers these days barring stalkers, winning the lottery, etc? I'm genuinely curious. I kind of assume that whatever mobile phone number you have now is the one you're likely to die with. 

For the record I agree about text - it's a terrible form of 2FA. It's even worse that it's being used considering the many "we don't allow that for security reasons!" excuses for stuff. That said, email is also terrible and they should switch to some form of authenticator app. 

New to the Community? Get started by reading our Welcome Post.