Rivian Two-Factor Authentication (2FA) Beginning Dec 13, 2024

tate16t · Dec 4, 2024

Starting December 13, 2024, Rivian is rolling out two-factor authentication (2FA) for all customer accounts. That means when you log into your Rivian account or app, you’ll need to verify your identity using two methods – your regular password and a one-time code sent to you. It’s a simple step to keep your personal info and vehicle access extra safe.

If you’re using third-party tools like ElectraFi to monitor or interact with your Rivian, you might run into some hiccups.

https://riviantrackr.com/news/what-rivians-new-two-factor-authentication-means-for-you/

oskeei · Dec 4, 2024

Is this Rivian's way (at least) to try kill third party tools?

COdogman · Dec 4, 2024

oskeei said:
Is this Rivian's way (at least) to try kill third party tools?

MFA really should be the minimum standard on all accounts these days. Using it makes your account at least 99% less likely to be compromised.

electruck · Dec 4, 2024

This has been optional for about 3 years now, I think. Glad to see they're making it mandatory, I know it's something I enabled when it was first implemented. Hopefully they'll add support for push notifications and passkeys in the near future.

godfodder0901 · Dec 4, 2024

oskeei said:
Is this Rivian's way (at least) to try kill third party tools?

No. Many work with MFA. I have it set and still use the HA integration.

beatle · Dec 4, 2024

oskeei said:
Is this Rivian's way (at least) to try kill third party tools?

Third party tools work on tokens, so as long as you can still get a token, you should be good. Tesla uses 2FA as well, and 3rd party tools like TeslaFi work fine.

jasonthepro · Dec 4, 2024

COdogman said:
MFA really should be the minimum standard on all accounts these days. Using it makes your account at least 99% less likely to be compromised.

I work in infosec and I'm really glad they're enforcing this. Seen too many compromises.

godfodder0901 · Dec 4, 2024

jasonthepro said:
I work in infosec and I'm really glad they're enforcing this. Seen too many compromises.

Same, but wish they implemented TOTP through an authenticator app instead of the much less-secure version they've chosen using SMS or email.

lefkonj · Dec 4, 2024

they are requiring it, I have had this since day 1 on my account.

GonGo66 · Dec 4, 2024

No email or app support is way behind industry standards. Also, my area code is blocked from 2FA, (787), this seems rushed.

ElGuano · Dec 4, 2024

I appreciate the extra security, but sites that over-enforce this (I feel Rivian does, as does Garmin) create huge usability headaches. It doesn't seem to preserve sessions on trusted devices and times out frequently, so if I have the site open, and refresh 10min later, I have to get another 2FA code. Ugh.

My Google account, which I care a hell of a lot more about, does a good job balancing first-class security with not prompting for a 2FA every time I refresh my browser window.

At least for Rivian, the app seems to have a refresh token that bypasses 2FA when you use it to log into the site to check pre-order status!

Greg Chick · Dec 4, 2024

So using your cell phone as a key and if your cell turned off while you were away from truck, a 2FA will be needed to open the door to the truck? Or is this just to drive the truck, or acess the app to do things?

ElGuano · Dec 4, 2024

Greg Chick said:
So using your cell phone as a key and if your cell turned off while you were away from truck, a 2FA will be needed to open the door to the truck? Or is this just to drive the truck, or acess the app to do things?

I think...neither? I believe the phone communicates with the truck directly through Bluetooth/UWB for PaaK, so no cloud/login needed. And the mobile app doesn't use 2FA (presumably it relies on your device unlock as security). So this should only be for the rivian.com site, right?

godfodder0901 · Dec 4, 2024

Greg Chick said:
So using your cell phone as a key and if your cell turned off while you were away from truck, a 2FA will be needed to open the door to the truck? Or is this just to drive the truck, or acess the app to do things?

It's for logging into/authenticating your account. You won't need to do anything different to drive.

JonW716 · Dec 4, 2024

As a former victim of identity theft, it's been enabled on my account since inception. With all the current crap going on with identity theft it's better to be proactive then reactive... Once you've been compromised you know what a pain in the ass it can be to get all your stuff fixed, not to mention the credit hit you can take while it is all being fixed. A PIN code to drive the car would be a welcome addition for an extra layer of security.

Rivian Two-Factor Authentication (2FA) Beginning Dec 13, 2024

tate16t

Well-Known Member

oskeei

Well-Known Member

COdogman

Well-Known Member

electruck

Well-Known Member

godfodder0901

Well-Known Member

beatle

Well-Known Member

jasonthepro

Well-Known Member

godfodder0901

Well-Known Member

lefkonj

Well-Known Member

GonGo66

Member

ElGuano

Well-Known Member

Greg Chick

Well-Known Member

ElGuano

Well-Known Member

godfodder0901

Well-Known Member

JonW716

Well-Known Member

Similar threads