https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624124#M17146 <P>It's absolutely rubbish if you use multiple systems</P><P>ie: I've just logged in my computer using my passkey, it then wants to send me a passcode via sms which is valid for 20 minutes.</P><P>This is a poor implementation of the system. I've used my passkey I shouldn't then need to have my mobile with me to receive a passcode just to then finally login to the website, it defeats the object of using passkeys.</P><P>EE have made it more convoluted than what it should be</P><P>Not only that both SMS and EMAIL are not secure ways of getting 2FA that is why it is recommended to use passkeys as it emliminates the use of these. Even Microsoft no longer use SMS for authenication if passkeys are setup. So why is EE using passkeys with insecure methods for account security</P> Wed, 17 Jun 2026 17:58:34 GMT walkerx 2026-06-17T17:58:34Z https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624094#M17144 <P>why does the ee system make it so hard for someone to update passkeys, after being enforced on your account and passkeys not being synced across devices causing problems</P><P>What is the point of forcing this if they are just going to send code via sms anyway to do what you want</P><P>SMS is insecure, so is email for sending codes, so why not allow users to fallback to password and use a 2FA app.</P><P>&nbsp;</P> Wed, 17 Jun 2026 15:50:42 GMT https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624094#M17144 walkerx 2026-06-17T15:50:42Z https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624118#M17145 <P>Hi <a href="https://community.ee.co.uk/t5/user/viewprofilepage/user-id/2054535">@walkerx</a>&nbsp;</P><P>Passkey works fine on my device. I use my phone to log in.&nbsp;</P><P>You only tend to receive a text if you're using a VPN from my experience or abroad.</P><P>Thanks&nbsp;</P> Wed, 17 Jun 2026 17:27:28 GMT https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624118#M17145 Northerner 2026-06-17T17:27:28Z https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624124#M17146 <P>It's absolutely rubbish if you use multiple systems</P><P>ie: I've just logged in my computer using my passkey, it then wants to send me a passcode via sms which is valid for 20 minutes.</P><P>This is a poor implementation of the system. I've used my passkey I shouldn't then need to have my mobile with me to receive a passcode just to then finally login to the website, it defeats the object of using passkeys.</P><P>EE have made it more convoluted than what it should be</P><P>Not only that both SMS and EMAIL are not secure ways of getting 2FA that is why it is recommended to use passkeys as it emliminates the use of these. Even Microsoft no longer use SMS for authenication if passkeys are setup. So why is EE using passkeys with insecure methods for account security</P> Wed, 17 Jun 2026 17:58:34 GMT https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624124#M17146 walkerx 2026-06-17T17:58:34Z https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624128#M17147 <P>I sometimes only have to use the passkey and others it’s the passkey and then the text. &nbsp; Yes texts are not secure, but you’re using the passkey first so even without using the passkey you ain’t gonna get the text so it’s still secure as you have to passkey first. &nbsp; &nbsp;<BR />I notice it does improve until I wipe out my IP addresses via my account profile on here then it’s passkey and text for a while then it’s just the passkey.&nbsp;</P> Wed, 17 Jun 2026 18:42:26 GMT https://community.ee.co.uk/t5/Security/Account-Security/m-p/1624128#M17147 Chris_B 2026-06-17T18:42:26Z