LOADING ...

Add a PIN to Your Smartphone Account 

Emily Price Feb 09, 2018. 2 comments

If you have a passcode set up on your phone and SMS-based two-factor authentication set up on your smartphone plan, you might think you’re pretty secure from hackers.

While you’re doing a lot better than most, your phone—and all the accounts you have linked to it—are actually still vulnerable to attackers. In a recent story, Buzzfeed notes that a smart hacker who has access to the last four digits of your social or a fake ID of yours could still be able to impersonate you and get your phone number transferred over to another device, keeping your number.

When they have a device that’s technically “you,” they can then gain access to any of your accounts that require two-factor authentication.

It might seem complicated, but Buzzfeed notes it’s not as hard as you might think. Ambitious hackers can call and gain small amounts of info about you from different services you use and then piece it together into enough info to get into the account. It actually happened to Black Lives Matter activist Deray Mckesson last year.

This type of “mobile hijacking” is getting more and more prevalent (read Buzzfeed’s story for more details), which makes it more important than ever to add as much security as possible to your account.

For that, Buzzfeed makes the excellent suggestion of adding a PIN code to your account. I already have one attached to my AT&T account as well as a few others. It’s a third layer of protection beyond your password and two-factor authentication. Sort of like the PIN you use at the ATM, the often four-digit code is something you’d come up with (don’t use the last four of your social, it’s too easy to track down!), and you’ll have to provide it whenever you’re making changes to your account like getting a new phone.

The idea is there’s an extra layer of defense for your account which will at least be a speed bump for attackers if not a brick wall they can’t get through.

Every major U.S. carrier offers the ability to do this. Here’s a breakdown of each one and how to do it:

AT&T

You can add a PIN to your AT&T account on the web. Log into your account and then got to View Profile followed by Sign-in Info. Under “Wireless passcode” you’ll want to pick “Manage Extra Security” and add your new passcode.

Sprint

Sprint customers are required to have a PIN. You can update yours on the web by logging into your account and then selecting My Sprint followed by Profile and security. You’ll want to scroll down to Security Information and then update your info before hitting Save.

Verizon

With Verizon, you can add a PIN by going to vzw.com/PIN. You can also add a PIN in person at any store (with a government issued ID) or by calling (800) 922-0204.

T-Mobile

T-Mobile customers can add a PIN by either dialing 611 from their mobile phone or by dialing 1-800-937-8997. With T-Mobile you’ll need to have a six-digit passcode rather than a four, so have something good in mind (not your social!) before you call.

And that’s just the beginning. Check out the Buzzfeed article and the articles linked below for more suggestions on how to make your accounts even more secure. And like everything, great security starts with a great hard-to-guess password. Make sure you’re using a good one. If you need help, here’s how to make one .

2 Comments

Other Emily Price's posts

How to Find The 'Wizard of Oz' Ruby Slippers Easter Egg on Google How to Find The 'Wizard of Oz' Ruby Slippers Easter Egg on Google

The 80th Anniversary of The Wizard of Oz is Sunday. To celebrate, Google has added a fun easter egg to google search that will sweep you up in a tornado and send you to Oz.To access it, simply do a Google search for “Wizard of Oz.” When you do, you’ll see a pair of ruby slippers sparkling on the...

How to Check if Your Internet is Fast Enough to Stream Netflix in 4k How to Check if Your Internet is Fast Enough to Stream Netflix in 4k

If you want to be able to stream 4K Ultra HD content from Netflix you’ll not only need a high-resolution television, you’ll need a fast internet connection as well.For one 4k stream, Netflix says you’ll need an internet speed of at least 25Mbps. Most households in the United States probably have that, but if you’re only paying for a...

How to Prevent Spammers From Infiltrating Your Google Calendar How to Prevent Spammers From Infiltrating Your Google Calendar

My boyfriend and I have a shared Google calendar so we can keep track of each other’s various events and commitments, as well as things like concerts and parties we plan to attend together. It’s a great system for us, but this week we ended up with something a little odd on that calendar: “You Have Won iPhone X...

College Students Can Now Get Sirius XM for $4 a Month College Students Can Now Get Sirius XM for $4 a Month

If you’re currently enrolled in a college or university, then Sirius XM has a deal for you. The satellite radio company is offering students the ability to get its Premier Plan for $4 a month, $9 off its traditional price of $13.The program is officially called “Student Premier” and uses Sheer ID to verify that your college student status...

Suggested posts

When a Company Asks You to Reset Your Password, Should You Be Worried? When a Company Asks You to Reset Your Password, Should You Be Worried?

We try our best to keep Lifehacker readers aware of recent data breaches and security vulnerabilities that might have compromised their data. Any good website or service should tell you what’s up , too. Sometimes, though, you get an email out of the blue that your account credentials have been compromised—even though the company sending you that information is...

MoviePass Customers: Check Your Credit Card Statements for Fraudulent Charges MoviePass Customers: Check Your Credit Card Statements for Fraudulent Charges

If you’re a MoviePass customer, you might want to take an extra close look at your credit card statements—or considering replacing your card altogether.The movie subscription service announced Wednesday that one of its critical servers was not protected with a password. This critical server contained tens of thousands of MoviePass card numbers as well as customer’s personal credit card...

Don't Let Alexa, Siri, or Google Assistant Auto-Dial Companies Don't Let Alexa, Siri, or Google Assistant Auto-Dial Companies

We’ve talked about how fake business listings can show up on Google Maps despite Google’s regulations, and use the appearance of legitimacy to exploit customers and other business. As it turns out, it’s pretty easy for AI assistants to fall prey to fake information, too.Say you’re trying to contact a company, and you ask a digital helper like Alexa,...

How to Make Sure Your Passwords Haven't Been Stolen How to Make Sure Your Passwords Haven't Been Stolen

One of the best things about having a solid password is that you don’t have to change it . If it’s strong, unique, and hasn’t been compromised by an attacker, you gain no security benefits by modifying it according to some arbitrary timetable. Just let it be.What you should be tracking is whether any of your passwords have been...

Why You Should Use Windows Defender's Ransomware Prevention Why You Should Use Windows Defender's Ransomware Prevention

A crucial security feature in Windows Defender comes disabled by default: Ransomware Protection. That’s surprising, since ransomware is a serious threat that locks down your device and blocks you from accessing your data until you pay your attacker. It’s even more surprising when you consider that Ransomware Protection was added way back in the October 2017 Windows 10 update....

Install the Windows August 2019 Update Right Now Install the Windows August 2019 Update Right Now

Windows 10 users: Take a few moments and check that you’ve installed Microsoft’s August 2019 security updates on your PC. While you’ve probably already been prompted to update your system, it never hurts to double-check. The latest Windows update fixes a long list of vulnerabilities found in current versions of Microsoft’s flagship OS. Most of them are minimal risks,...

These Dummy iOS Lightning Cables Let Hackers Remotely Access Your Devices These Dummy iOS Lightning Cables Let Hackers Remotely Access Your Devices

Hardware hacks might not get as much attention as the latest security breaches , but they can be just as devastating. You’re probably picturing an attacker sneakily using a dummy USB key to infiltrate a computer, but as a recent report from Vice describes, even innocuous tech like Apple’s Lightning cables can be modified to exploit vulnerabilities and take...

How to Destroy a Metal Credit Card at Home How to Destroy a Metal Credit Card at Home

My primary credit card was compromised last week . Had I a “normal” one, I could have just tossed it in the shredder or demagnetized it, cut it up, and called it a day. A fancier metal credit card presents a bit of a challenge, and your mere paper shredder probably isn’t up to the task (nor should you...

Earn Up to $1 Million from Apple's Expanded Bug Bounty Program Earn Up to $1 Million from Apple's Expanded Bug Bounty Program

Apple’s products have a reputation for being pretty secure, but they’re not perfect . Now, if you’re a great security researcher or white-hat hacker—and you want to go after other Apple devices and services beyond just iOS and iCloud—you can earn a lot of cash.Ivan Krstic, Apple’s head of security engineering and architecture, announced at this year’s Black Hat...

PSA: Your Phone Logs Everywhere You Go. Here's How to Turn It Off PSA: Your Phone Logs Everywhere You Go. Here's How to Turn It Off

You probably know your Android phone or iPhone can pinpoint your location for GPS, local search, or the weather. Hopefully, you also know that means your phone keeps track of everywhere you go, all the time. Don’t be alarmed—it’s the trade-off you make for the features you get. If it makes you uncomfortable, here’s how to opt-out of location-tracking...

Language