1 Message
2 Factor Authentication for Email accounts but can't use same mobile number
Why can't I use my mobile number for 2 factor authentication for multiple Comcast email accounts? I have 3 email accounts but only 1 cell phone. This is a security flaw!! Please help.
XfinityVictor
Official Employee
•
894 Messages
1 year ago
Here is a link that provides detailed steps on managing your two-step verification https://www.xfinity.com/support/articles/two-step-verification-xfinity-app-setup. Have you followed the steps provided?
0
0
Latoque
Expert
•
29.6K Messages
1 year ago
@user_b5k83o
This is not a "flaw". It is a baked-in security feature in the email. Xfinity/Comcast accounts are structured around the premise that there is one primary user per service address, and any secondaries are presumed to be other people in the same household. They are secondary accounts, and not "extra" aliases. That said, each user would be presumed to have their own phone number. That is why you can't use the same number for the other two accounts.
1
user_ro6fak
1 Message
10 months ago
The security basis for the existing Xfinity security plan, where they presume that one person is not using multiple accounts is flawed. They should give the customer the option to use the same phone number, for multiple accounts. That should not be a big deal, software wise. I am in the same boat. I have five different accounts, where each account wants a unique phone number for two-factor verification. Xfinity needs to catch up with the times and not try to impose such an outdated, invalid security posture on its' customers. It essentially makes some people have insecure accounts, in a multiple account setting, simply because they only one ONE mobile phone number to give. In this regard, Xfinity is NOT helping customers to ensure the security of their accounts.
3
davidandrea2
Regular Visitor
•
3 Messages
9 months ago
Please add my vote for allowing the same phone number and non xfinity email address for verification for multiple xfinity email addresses. I want to use different xfinity email addresses to keep personal and commercial mail separate
0
umeweall
Visitor
•
4 Messages
9 months ago
It is patently ridiculous to not let a user reuse their phone number, over multiple accounts that they have created, for whatever reason they have done this for. Xfinity should be more flexible, not rigid in pushing a security policy that hampers, not helps, customers to achieve proper account protection.
0
CPZ77
Visitor
•
1 Message
9 months ago
Agreed, this is an absolute necessity nowadays. Every linked email address on a given account should not need its own mobile number to implement MFA, that is insane. I'm in a situation where I started with multiple emails on different accounts, eventually those were moved/relinked to a single account, but still only one email on the account can be protected with MFA due to this ridiculous restriction. Really, they should move past even needing to use a mobile number at all and add options for TOTP-based MFA or other similar methods. But even if (or I should say, especially if) mobile number is the only method offered, then you must allow the same multiple number to be used for MFA on different emails. This is a huge restriction, and security hole that (like somebody else above already said) is causing untold numbers of accounts to be less protected than they should be right now.
And, to the Xfinity employee who responded, I appreciate the fact that you said you will take the feedback back to Comcast (I hope it actually makes it to someone who will both listen , and who is in a position to actually have some influence about them doing something about it) and i appreciate the fact that you posted the link about managing multiple accounts in hopes that might help some people. Unfortunately though, this really does not help in the slightest here due to the reasons I stated above (linking multiple emails to the same account does not help us in protecting those emails with MFA with a single mobile number).
The only solution that will really solve this problem is a more flexible MFA system.
1
Chrissy15221
Contributor
•
152 Messages
8 months ago
Like Latoque said , accounts other than yours are secondary ( users & managers) with their own email addresses & phone numbers . How does Comcast decide which account ID or device if they all belong to the same number ? There's also service & billing containing residents street addresses , phone numbers etc. .
You may change your preferred email address with comcast.net addresses only .
Each user can add another mobile phone number , except for the primary user .
It's not probable that Xfinity will send a code verification to internet service providers other than their own .
I found the link article to be very useful , if you didn't fully understand ask us for
clarification … the protocol is in place for your safety .
🛟
0