cancel
Showing results for 
Search instead for 
Did you mean: 

Multi-factor Authentication (MFA)

stan1234
I've been here awhile

Your Multi-factor Authentication (MFA) system is a pain-in-the-??? ..... I don't want it and don't need it - and don't tell me I can turn it off because your web site will not let me turn it off.......... if you insist we use this waste of time I will insist in moving to another provider!

11 REPLIES 11

Re: Multi-factor Authentication (MFA)

RogersCorey
Moderator
Moderator

Greetings @stan1234!

 

Thank you for your feedback. I understand that you may not want MFA, but we recommend enabling MFA on both phone number and email for the best experience and to keep your account secure from potential identity theft.

 

Regards,

RogersCorey

Re: Multi-factor Authentication (MFA)

stan1234
I've been here awhile

You can recommend all you like - but what I (the customer) would like is the option to turn MFA off (and leave it off).....

Re: Multi-factor Authentication (MFA)

Kcsdkavanagh
I plan to stick around
My son is travelling and wanting to use Ignite Tv. He uses my email address and password but is asked for the code everytime he logs in on his laptop. Can the MFA be permanently turned OFF? He has to contact me everytime for the code that comes to my phone number. Should I add his email as another method to get the code so he doesn't have to keep asking me for the code?

Re: Multi-factor Authentication (MFA)

Hello, @Kcsdkavanagh.

 

I appreciate you joining this discussion; we can't disable MFA for account security reasons. You can temporarily update the wireless recovery number to your son's number. This can be done from your MyRogers profile from the Settings menu: Settings | Settings Overview | My Rogers Profile | Recovery Number > Update recovery number

 

At a later time, you can change the number back to yours. 

 

Let us know if you have further questions. 

 

Cheers,

RogersMoin

Re: Multi-factor Authentication (MFA)

Hmm
I'm a reliable contributor

No, Rogers does not "recommend" MFA aka 2FA, they make it mandatory. That is a major difference. It's unfortunate the Rogers Team can't seem to understand this. 

Re: Multi-factor Authentication (MFA)

57
Resident Expert
Resident Expert

I have the following comments:

 

1. Almost any organization that you deal with electronically these days requires MFA/2FA.  It used to be only financial organizations, but recently, almost any "business" requires it, so this is certainly not limited to Rogers and once instituted, unlikely to be deleted.

 

2. What bothers me and some other people is that some organizations, like Rogers, limit the MFA/2FA to texts to cell phones.  There should be options for telephone calls (Like CRA) or e-mails (many businesses) for customers that don't have, or prefer not to, use cellphones. 

 

3. Despite complaints to organizations that make cell phone use mandatory, they don't seem willing to change, so you either need to have access to a cell phone (friend, relative, your own), or not deal with that organization electronically. This is getting harder and harder since about 90% of households now have a cell phone or two or more.

Re: Multi-factor Authentication (MFA)

Hmm
I'm a reliable contributor

When 2FA or MFA (however you prefer to label it) functions properly, it's a great, but most of the time, it's not worth the hassle. 

 

2FA frequently causes more problems than it solves. Just look at when trying to scan a QR code for eSIM especially on data only tablets or devices.

 

It appears that tone-deaf corporations hire employees who are just as tone-deaf as their protocols, resulting in a frustrating experience for users. Customer-centricity is often overlooked—it's whatever sounds good to the employee and the higher-ups, whether it's the latest buzzword from a "new kid on the block" or blindly following an antiquated industry trend used by only a few.

 

Mandatory 2FA is an unnecessary obstacle and when account breaches occur, corporations are rarely held accountable for these security lapses. However, if the consumer decides to disable extra layers of security, that's on them. 

 

The bottom line is users deserve the autonomy to select the level of security that suits them best. Interestingly, the landscape is evolving, with 2FA giving way to more advanced options like passkeys or Authenticator apps from tech giants such as Google, Bing, or Bitwarden. 

 

While echoing your employer's stance might be expected, it's equally important to inject personal perspective. After all, without it, responses are scripted and robotic as the systems they're working with. Defending antiquated protocols is simply bias and gaslighting. 

Re: Multi-factor Authentication (MFA)

Hmm
I'm a reliable contributor

No

Re: Multi-factor Authentication (MFA)

Hmm
I'm a reliable contributor

@57 
It's simple really. Many large corporations often display a tone-deafness and resistance to change, which is deeply problematic and almost always systemic.

 

This attitude ignores the needs and frustrations of their customers, leading to a perpetuation of outdated practices and a lack of innovation. It's fundamentally flawed and detrimental to both their reputation and their ability to adapt to an evolving customer centric market.

 

There is a lot of ignorance around 2FA/MFA especially in this forum. We have mandatory 2FA for the forum as well. The messaging seems to be that Rogers "cares" implemented MFA for our own protection (prevent identity theft). This is a joke.

 

While MFA or 2FA  add extra layers of security, they do not fully prevent identity theft. Attackers can still bypass these measures through techniques like phishing, social engineering, SIM swapping, and exploiting software vulnerabilities.

 

Additionally, if an attacker gains access to all authentication factors, the extra layers become ineffective. These methods provide enhanced security but are not foolproof solutions against determined or sophisticated threats.


At the end of the day, they don't care what you or I may have to say. They take direction (albeit reluctantly) from legislation and the CRTC. In terms of industry practices, they tend to the follow the "weakest link" or other corporations and mirror their dysfunctional behavior or practices often using the same software. 

 

However, I don't know where you're getting your stats from, where you cite 90% of households have two or more cell phones. If you have more than one person in the household of legal age, then it's likely they have a cell phone. I know for a fact many seniors do NOT have a cell phone yet alone more than one. They don't represent 10% of the population or 90% who have more than one.

Re: Multi-factor Authentication (MFA)

57
Resident Expert
Resident Expert

@Hmm wrote: I don't know where you're getting your stats from, where you cite 90% of households have two or more cell phones. 

I said one or more per household.  Sample link below shows a couple of provinces with over 90%, Item 3 (I'm not sure of the date for the tabular data, but probably 2020-2022, based on web searches including StatsCan.  Numbers would therefore be slightly higher in 2024).:

 

https://reviewlution.ca/resources/cell-phone-statistics-canada/

 


Let’s have a look at the Canadian smartphone ownership rate by province:

  • Alberta 93.4%
  • Saskatchewan 91.1%
  • British Columbia 88.5%
  • Ontario 88.1%
  • Newfoundland and Labrador 86.4%
  • Manitoba 85.1%
  • New Brunswick 82.8%
  • Nova Scotia 83.2%
  • Prince Edward Island 83.8%
  • Quebec 79%

Based on many sources on the web, about 50% of seniors have a cellphone (smart phone), and that data was from 2020-2022, with seniors representing the highest growth segment (since there were fewer to begin with).  I suspect the numbers for seniors are now in the 60-70% range for 2024. 

 

Remember also that if you have two seniors in a household only one of them, or 50%, needs to have a cell phone to meet the household criteria. That is the case in our household where my wife has no need or interest in having her own phone.  I have an Apple SE2020 on a very inexpensive pre-paid plan.

Re: Multi-factor Authentication (MFA)

Canuckto
I've been here awhile

SMS should be outlaws by the government for 2 factor authentication since it can be highjacked many ways. Do a simple google search and you will SEE.   passkeys are way better and easier for security.  I go to a small forums and they support passkeys.  Yet I see big corporations who make millions and year to fail to invest more reliable security for login.  The company Bitwarden provides a product called "passwordless" which creates passkeys for a website login.  

Topic Stats
  • 11 replies
  • 2567 views
  • 6 Likes
  • 7 in conversation