User profile for user: Jeff Mark
Jeff Mark Author
User level: Level 1
22 points

using authenticator apps and two-factor authentication without a smartphone

Today, I needed to update my password for my Ticketmaster account. They wanted to send me an authenticator code. They wanted to send it to me by text. I do not currently have a device that can accept SMS texts (it’s a long story). I only have my iPad and iMac. I also have the app textPlus, but apparently that’s “not the right kind of text“. Ticketmaster's automated system did not accept it (nor do several others I've run into).


This is the first time I would’ve used 2-factor authentication for this particular service. Ticketmaster customer support told me that there was no other way of authenticating other than sending me a text. If I had had an authenticator app, would it have been able to generate an authentication code in this case? Remember, this is my first time for this service. The Passwords app doesn't seem to be able to do this — I'm not sure any authenticator app could, for a service for which I had not used TFA previously.


And it doesn't appear that there's anything native to my iPad that can do it. There doesn't seem to be that capability in the Passwords app either, for generating a one time authenticator the first time for a new service, as the app system has no entry yet in Passwords. I'm not at all sure that I have any idea how to use it even for a service that is not new for me. The instructions I find seem to involve two or three different places in "Settings", and when I look at them, it just seems unclear — possibly they only apply to my Apple Account.


I hope I’m making this clear, the whole thing is a little confusing to me yet. Frankly, I tend to skip TFA when offered; it just seems too complicated since, as I've mentioned, I do not have a smartphone or SMS-capable phone of any kind. (Hopefully that will change soon.)


I'd appreciate any advice or other form of enlightenment.


Jeff 🤔😉😊


P.S., one of my major current gripes is the apparent requirement to have a smartphone to do almost any online commerce, above and beyond the TFA issue. A major pain on the old caboose.

iPad Air, iPadOS 18

Posted on Feb 12, 2025 10:07 PM

Reply
Question marked as Top-ranking reply
User profile for user: LotusPilot
LotusPilot
Community+ 2025
User level: Level 10
301,442 points

Posted on Feb 14, 2025 3:46 AM

Continued...


Many websites and online services do support the use of Authentication Codes that do not depend upon sending SMS codes generated by the website to a mobile phone number - instead using a verification code, generated locally on your device, that you enter when accessing the website or associated service. This type of authentication uses codes that typically change every 30 seconds.


Your iPad Passwords App already supports this feature. Perhaps this information will help:

Automatically fill in one-time verification codes on iPad - Apple Support

View in context

Similar questions

6 replies
Question marked as Top-ranking reply
User profile for user: LotusPilot
LotusPilot
Community+ 2025
User level: Level 10
301,442 points

Feb 14, 2025 3:46 AM in response to Jeff Mark

Continued...


Many websites and online services do support the use of Authentication Codes that do not depend upon sending SMS codes generated by the website to a mobile phone number - instead using a verification code, generated locally on your device, that you enter when accessing the website or associated service. This type of authentication uses codes that typically change every 30 seconds.


Your iPad Passwords App already supports this feature. Perhaps this information will help:

Automatically fill in one-time verification codes on iPad - Apple Support

Reply
User profile for user: LotusPilot
LotusPilot
Community+ 2025
User level: Level 10
301,442 points

Feb 14, 2025 3:02 AM in response to Jeff Mark

I surmised (incorrectly) that you might be in the UK. In the US, your local telco may offer a similar service to BT in the UK.


As you already having a Mac and iPad, your best option moving forward is to complete the "holy trinity" - and add an iPhone. With the addition of an iPhone, the capabilities of your iPad significantly broaden to include access to Cellular Voice and Messaging services of the associated iPhone - relayed to the iPad over WiFi using Apple’s continuity features.


More information about Continuity and the relevant Cellular services can be found here:


Continuity

Use Continuity to connect your Mac, iPhone, iPad, iPod touch and Apple Watch – Apple Support


SMS/MMS Messaging

How to forward SMS/MMS text messages from your iPhone to your iPad, iPod touch or Mac - Apple Support



Returning to your supplementary question, some services do indeed allow you to download a list of one-time passcodes - that can be used to authenticate if you cannot authenticate by some other method. As the name implies, each individual code can only be used once. This type of code is typically utilised to regain access to an account if you are locked out.


One-time passcodes are not associated with an authenticator App. The list that you download is simply a plain-text list that you can save and/or print.


Clearly, you need to keep these safe where nobody else can access them. Consider keeping a printed list locked-away; you would be wise to ensure that the plain-text electronic list is only stored on your devices in encrypted storage. Perhaps consider saving the list in your Passwords App; each account-entry saved in the Passwords App has a Notes field - within which you can enter plain-text. Simply copy and paste your list.

Reply
User profile for user: LotusPilot
LotusPilot
Community+ 2025
User level: Level 10
301,442 points

Feb 13, 2025 6:01 AM in response to Jeff Mark

It is perhaps a [sad] reality that the modern world his an increasing reliance upon having a mobile-phone - not only for receiving SMS authentication codes, but also in being able to communicate verbally by telephone. Some countries, such as the UK, are actively phasing-out traditional wired telephones and communication services in favour of modern Cellular communications and fibre broadband - further increasing the digital-divide and perpetuating potential difficulties in accessing digital services.


SMS-based two-factor authentication (a.k.a. 2FA) is itself an old technology that itself is not particularly secure. SIM-jacking, an attack whereby your mobile phone number is transferred to the Threat Actor, allows interception of authentication codes while effectively locking the bona-fide owner of the cellular phone number out of their own accounts.


While SMS authentication is itself being replaced, the onus is upon services to adopt a different 2FA solution - of which there are several. Unfortunately, all of the alternatives have reliance upon the end-user having a suitable computer to permit authentication - inevitably, at the very least, continuing reliance upon having a compatible (and currently supported) mobile phone upon which to install the necessary software.


Returning to your immediate problem. I'm guessing that you may be a UK resident. If you are a BT customer - and still have a tradition landline (wired) telephone - BT has a service that allows you to receive or send SMS messages from your telephone; incoming SMS messages are delivered verbally:

https://www.bt.com/help/landline/set-up-and-use-bt-text


This service may usefully provide the means to receive a 2FA text code to your landline telephone - potentially resolving your current difficulty.

Reply
User profile for user: Jeff Mark
Jeff Mark Author
User level: Level 1
22 points

Feb 13, 2025 10:35 PM in response to LotusPilot

Thanks for his, Lotus. I'm not in the UK, in fact I'm in California. I get my internet and phone service from Sonic. I gotta admit that, being a fiber network, I expected the phone service to support VOIP phones; apparently not, however. But for reasons not relevant to the topic, it's been difficult for me to keep up with the online commerce world, or have what I consider adequate tools (like a phone — I used to have a flip phone, which would receive authenticator codes, but wouldn't work with a Ticketmaster-type system). But as I mentioned above, all I have is an iPad and iMac, neither of which plays well with some of these phone-required services.


But go a little farther for me, if you would, about authenticator apps. Would one have helped me in this case, given that it was the first time that site had tried to text me an authentication code? Or are those useful — like Passwords — only once the relationship has been established? Interestingly, two services that require 2FA also sent me a collection of pre-approved (?) authentication codes. (One of them was login.gov) That might be helpful 'cause I wouldn't know how to use an authenticator if one danced in front of me.


Thanks. 🤔😉😊


P.S., Where that bt service would bump up would be if one is on the phone with some customer service rep in Mauritius at the time.


Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

using authenticator apps and two-factor authentication without a smartphone

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up