Tech Tip: Using Backup Codes Without a Cellphone
Q. I know we are all supposed to use the extra security and get a code sent when we log in, but what if a person doesn’t have a cellphone or doesn’t always keep it handy for instant access?
A. Two-step verification — where you enter your password and then request a numeric code from the site as the second step for logging in — has become a standard security practice for many web-based email systems and other online accounts. While the two steps generally make it harder for someone to hack into your account, the common approach of sending the numeric code as a text message makes logging in harder for those who do not own text-capable mobile phones.
However, many sites offer alternative ways to get the codes, and you should check with your provider about your options. (Not all services offer different ways to use two-step verification, though. Apple is one company that does require a phone that can receive SMS text messages.)
For example, when you turn on two-step verification for Gmail or another Google service, you have the chance to create a set of 10 backup codes to download or print. When you log into your account and are asked to supply verification, you use one of the codes in your set. When you have used them all, log into your account to make a fresh set.
Some services ask you to supply your phone number (including landlines) in your account settings for use in account verification. If you have a phone that cannot send or receive text messages, you get an automated voice call from the company that tells you the code; Microsoft is among those that use this method.
Email providers are not the only ones encouraging the use of two-step verification. Facebook and Instagram also allow you to create backup codes for your account. Dropbox is another — and the site even suggests you snap a screenshot of your backup codes to print or save on another device in case you need the numbers later.
Continue reading the main story