Website verification while overseas

I live in the United States and was vacationing in Rome,Italy. I was using the hotel computer and tried to sign into my Microsoftaccount to check my email. Microsoft told me they didn’t recognize the computerand would not let me sign in without verification. They wanted to TEXT or EMAILme a pass code number that would let me sign in. I did not have a phone, thatthey could text to so, that option was out. My alternate email was my Gmailemail which I had given Microsoft. Unfortunately Google was telling me the samething. They could not recognize the computer so I could not sign into thataccount either, to get the password. I had used my Microsoft email as thealternate with Gmail. I was locked out of both accounts. I cannot have thishappen when I am overseas. Is there a way around this in the security setupthat I am not seeing? Can I have a code that I can use anytime without havingto use the alternate email or Text? Or can I disable this security feature withone or both of these email services while on a trip so the two companies don’ttry to verify me?

I don't think you can disable it because their increasingly stringent security algorithms impose it as a kind of de facto "two factor authentication" ("2FA") in the absence of you specifying some other form of 2FA.

I would go into your email settings on both services and specifically setup 2FA using a non-SMS based method. Select the option to use an OTP ("One-Time Password") authenticator app, such as Microsoft Authenticator or Google Authenticator instead of SMS messages. That way, the next time this happens the service should direct you to use the authenticator app in lieu of having a code texted to you.

These apps use time-based One Time Passwords, which automatically change every 30 seconds.* Once it's configured, when you try to login to a 2FA-protected account you first execute the first factor verification (typically, a login password) like you usually would, after which it will present a second screen that basically says, "open your authenticator app, read the 6-digit code it displays, and type it in here." Functionally, it's the same as having a code texted to you, but doesn't require you to have a connection to any cell or data service to use it.

Not only are authenticator apps more secure than SMS (which can be intercepted), they're easier to use because you don't have to wait for the text to come in, and you can use the app even when you don't have a cell connection.

To setup an account, you step through the account provider's (Microsoft, Google, et al) setup procedure on your computer, which at some point will display a QR code containing a random key. You open the authenticator app on your phone and select the option to add an account, at which point it will prompt you to point the camera at the QR code. The app will read the QR code's key and give you a 6-digit code to type back into the computer as confirmation, verifying to both sides that they are using the same secret key. From that point forward, you only need to open the app and it will display the ever-changing 6-digit code.

(Note in your case this means you'd still have to take your phone with you, even if you won't be able to make calls with it.)

Note each account you setup will use a different secret key, so you'll get a different 6-digit code for each account, and those codes change every 30 seconds.

For the sake of convenience, note many account login pages have a checkbox you can tick to say, "don't ask me again on this computer"--which means they'll skip further 2FA on that device (e.g., your home computer or other trusted devices), but you will need to use 2FA again if you login from a different device.

Beware: if you ever lose the app (for instance, you lose your phone, or delete the app, or do a factory reset of your phone), you may not be able to get to your 2FA codes when logging in from a new device. For that reason you should have in place some alternate method of authenticating yourself. **

Tip: when setting up the account and the provider generates the secret QR code, either take a picture of it or print it on paper. That way, you can setup the authenticator app again in the future without having to start all over. This is handy if you reset your phone, or if you switch to using a different phone, or if you want to setup the app on multiple phones--which can be convenient, say, if you and your spouse use the same Amazon account, for instance.


* The OTP apps are essentially the same, so you can use the Microsoft app for both services, the Google app for both services, or any of a number of third-party apps that do the same thing. I prefer andOTP, which I use for all of my Microsoft and Google accts.

** Using each others' email addresses is one form of alternate method, provided (as you've discovered) you aren't locked out of both at the same time. Microsoft and Google can also give you a list of one-time use codes to print and stick in your wallet, for instance, in case all else fails. (I use that as my failsafe method if I should happen to lose the authenticator app.)

Microsoft and Google can also give you a list of one-time use codes to print and stick in your wallet, for instance, in case all else fails. (I use that as my failsafe method if I should happen to lose the authenticator app.)
This would work for me but your other would not as I do not have smart phones. I have old flip phones (no APPS). I have one U.S. phone and one Italian phone.

The Authy 2FA App both works in a phone and on your desktop. I'd use that if at all possible.

Keep your backup codes in Keepass. Then backup Keepass' database every time there's a change to other hard drives and a CD/RW or what ever.

F22 Simpilot said:

The Authy 2FA App both works in a phone and on your desktop. I'd use that if at all possible.

Keep your backup codes in Keepass. Then backup Keepass' database every time there's a change to other hard drives and a CD/RW or what ever.

Agreed, Authy is much better than the Microsoft and Google authenticator apps, it can be used across multiple devices at the same time with cloud backup so no chance of losing the app.

I do not have a device to put the authenticator app on. I am not on my desktop. I am overseas on a computer in a hotel. I only have tow flip phones. One U.S. and one Italian (Italian phone number)

Your best bet might just be to get a VPN and use that to sign into Gmail. I can recommend VPN.AC. I use it all the time. If you use it, chose the Chicago server. That should allow you to bypass Gmail's BS.