Related

Unable to Disable Two-Factor Authentication on Garmin Account

Ludovico84
3 months ago

Hello everyone, due to the large number of emails, even though I do register my device, I would like to disable two-factor authentication. As soon as I log in to the Garmin website and enter my details, then click on the Security Center, the option to disable two-factor verification cannot be turned off. Has anyone managed to find a solution? It doesn’t make sense that every time my browser is registered, I still keep receiving the authentication request.

Thank you

  • 0 21 days ago

    I hate Two-Factor Authentication.  Like who is going to steal my Garmin info.  Who in the *** cares.  Get over yourself.  Focus on making things easier to understand and use.

  • 0 21 days ago in reply to 3945489

    I also think that Garmin's implementation of two-factor authentication is awful, but to answer your (possibly rhetorical) question on who would steal your Garmin info: Your account probably shows through recorded activities your home location and when you are traveling etc. That info would be valuable for burglars...

  • 0 21 days ago in reply to Bitti

    You got to be kidding! That's the height of Paranoia. So where you live, burglars are rich enough to pay someone to scan the forum to find when you are home? Then they take that list and drive around checking these "tips"?  
    I hope you are joking otherwise I feel sorry for you, wherever you live....Good Luck surviving.

  • 0 19 days ago
    3945489 said:
    I hate Two-Factor Authentication.  Like who is going to steal my Garmin info.  Who in the *** cares.  Get over yourself.  Focus on making things easier to understand and use.
    Bitti said:
    I also think that Garmin's implementation of two-factor authentication is awful, but to answer your (possibly rhetorical) question on who would steal your Garmin info: Your account probably shows through recorded activities your home location and when you are traveling etc. That info would be valuable for burglars...
    4411990 said:
    You got to be kidding! That's the height of Paranoia. So where you live, burglars are rich enough to pay someone to scan the forum to find when you are home? Then they take that list and drive around checking these "tips"?  
    I hope you are joking otherwise I feel sorry for you, wherever you live....Good Luck surviving.

    Bro, in general, Garmin gives zero Fs about whether people will steal your location data by hacking into your Garmin account, especially given the fact that many people willingly share this data publicly via Garmin Connect and especially Strava. 

    No, what they do care about is whatever legal obligations they have to protect your health data, which is why 2FA is required to use ECG. They're not doing this as a gesture of pretending to care about the user, they are doing this because the government is forcing them to do so. They're probably doing more than is required, in order to cover their asses, which is why it's frustrating for users  [*]

    As a matter of fact, if you create a burner Connect account and don't associate it with any Garmin devices, you'll find that you can turn 2FA on and off at will. I tried it a few months ago with no problems.

    This tells me that the inability to disable 2FA is probably tied to having an ECG-capable device on your account

    [*] For example:

    - once you turn on 2FA, you can't turn it off, even if you don't use ECG. This is probably not legally required, but it's easier for Garmin to just force 2FA to stay on as long as you have an ECG-capable device on your account

    - Garmin doesn't give you the option to delete any stored ECG data if you do use ECG but you really want to disable 2FA anyway. Again, I bet nobody forces them to do this, but this is just their way of being extra cautious (to protect Garmin, not to protect the users)

    TL;DR Garmin is legally forced to protect your health (ECG) data and it's probably easier for Garmin to:

    - enforce 2FA in order to use ECG (this is the part that's probably legally required)

    - prevent users from disabling 2FA once enabled, if their device is ECG-capable (this is the part that's probably not required, but they're just doing this out of an abundance of caution)

    I think the biggest issues here are:

    - that they apparently don't tell you that 2FA is irreversible

    - their implementation of 2FA is outdated and bad (but that's on brand for Garmin)

    - 2FA breaks certain 3rd-party apps

  • 0 19 days ago in reply to 4411990
    4411990 said:
    So where you live, burglars are rich enough to pay someone to scan the forum to find when you are home?

    Uhh, you know that it's fairly common for thieves to look at people's public social media posts to see when they're going on vacation so they can rob their homes? Sometimes it's an acquaintance who does this.

    The general idea isn't crazy, although the specific idea of someone hacking into your Garmin Connect account to do so is a little implausible.

  • 0 18 days ago in reply to FlowState

    My point exactly, since they WERE talking about the Garmin forum..... But I didn't have to write a book about it as you are prone to do so often.

  • 0 18 days ago in reply to FlowState
    FlowState said:
    As a matter of fact, if you create a burner Connect account and don't associate it with any Garmin devices, you'll find that you can turn 2FA on and off at will. I tried it a few months ago with no problems.

    BTW, did you try adding an ECG-capable device to the test account, enabling the 2FA, and then testing whether you can disable the 2FA after removing the device from the account again?