The 5 Steps That Lock Your Phone Number Down for Good
Kathryn Jones — Founder, The Identity VaultKathryn built The Identity Vault to stop scams before they happen. Updated April 2026.Last Updated: April 2026 · 7 min read Key Takeaways Your phone number is the master key to every account you own. To lock your phone number down for good, you don’t need expensive software or [...]
Kathryn Jones — Founder, The Identity Vault
Kathryn built The Identity Vault to stop scams before they happen. Updated April 2026.
Last Updated: April 2026 · 7 min read
Key Takeaways
- SMS-based two-factor authentication is no longer safe — a SIM swap hands an attacker every code you receive, on every account
- Your carrier account PIN is the single most impactful free action you can take to lock your phone number down today
- Number Lock goes even further by requiring an in-person visit with photo ID before your number can be transferred — even if a fraudster already knows your PIN
- Switching to an authenticator app takes about 15 minutes for your top five accounts, and permanently removes SIM swap as an attack vector on each one
- A Google Voice number is tied to your Google account — not a SIM card — so it cannot be SIM-swapped and is ideal as your account recovery number
Your phone number is the master key to every account you own. To lock your phone number down for good, you don’t need expensive software or a tech background. You need five specific steps — and most of them are free. This guide walks through each one in order, with carrier-specific instructions for every major US carrier.
Why SMS Two-Factor Authentication Is No Longer Enough
SMS-based 2FA was designed under the assumption that your phone number was secure. That assumption, unfortunately, is no longer valid. A SIM swap gives an attacker your phone number — and therefore every SMS code you receive. As a result, every account that still uses SMS for two-factor authentication is just one carrier phone call away from being completely compromised.
The solution, however, is not to abandon 2FA altogether. Instead, it’s about upgrading it — starting with the steps below.
Step 1: Set Your Carrier Account PIN
The first and most important step to lock your phone number down is setting a carrier account PIN. Call your carrier or log into their app and set a numeric PIN that must be provided before any account changes. Each carrier has a different name for this feature, but the protection it provides is the same.
Carrier-Specific Steps
📱 AT&T — Security PIN: myAT&T app → Account → Security PIN
📱 Verizon — Account PIN: My Verizon app → Account → Account PIN
📱 T-Mobile — SIM PIN: myT-Mobile app → Profile → Advanced Settings → SIM PIN
📱 Other carriers — Call your carrier’s fraud line directly and request an account PIN
This PIN is completely separate from your phone passcode and your voicemail PIN. Set it today — it takes under five minutes and costs nothing.
Step 2: Enable Number Lock
Number Lock prevents your phone number from being transferred to another carrier without an in-person visit with photo ID. This is your second line of defense — because even if a fraudster somehow defeats your PIN check, Number Lock requires physical presence to complete the transfer. All major carriers offer this feature for free.
How to Enable Number Lock by Carrier
📱 AT&T — myAT&T app → Number Lock (toggle on)
📱 Verizon — My Verizon app → Number Lock (requires your PIN)
📱 T-Mobile — Account settings → SIM Protection
📱 Google Fi — Automatic — verify status in your Fi app settings
Step 3: Migrate Your Critical Accounts Off SMS 2FA
Once your carrier PIN and Number Lock are in place, the next step is to reduce your exposure to SMS-based 2FA on your most important accounts. To do this, download Google Authenticator, Authy, or Microsoft Authenticator. Then go into the security settings of each account — starting with your primary email, then your bank, then your investment accounts — and switch from SMS codes to authenticator codes.
This process takes about 15 minutes for your top five accounts and permanently removes SIM swap as an attack vector for each one you migrate. The FTC recommends this step as part of a broader SIM swap protection strategy.
- Install an authenticator app on your phone
- Go to each account’s Security settings and find Two-Factor Authentication
- Select “Authenticator App” instead of SMS
- Scan the QR code — then save your backup codes in a secure place
- Verify the old SMS method is fully removed before moving on
Start with: primary email → bank → investment accounts → IRS.gov → SSA.gov. Those five cover the highest-value targets first.
Step 4: Set Up a Google Voice Backup Number
A Google Voice number is one of the most underused tools in SIM swap protection. Because it’s tied to your Google account rather than a SIM card, it cannot be SIM-swapped. As a result, it’s the ideal number to use as your account recovery contact for high-value accounts like your bank, the IRS, and Social Security.
- Go to voice.google.com and claim a free number
- First enable 2FA on your Google account itself
- Replace the SMS recovery number on: primary email, bank, IRS.gov, and SSA.gov
- Record your Google Voice number in your vault document
- Keep this number private — don’t share it publicly
Step 5: Request a Carrier Fraud Sensitivity Flag
The final step is one most people never know to take. Call your carrier’s fraud department directly — not general customer support — and request an account-level fraud sensitivity flag. This adds a manual review requirement to any future account changes, making it significantly harder for a social engineer to impersonate you successfully. Note the date and agent name for your records.
Carrier Fraud Department Numbers
📞 AT&T Fraud — 877-844-5584
📞 Verizon Fraud — 800-922-0204, option 4
📞 T-Mobile Fraud — 611 from your T-Mobile phone → select Fraud
Why These Five Steps Work Together
Each step in this guide builds on the one before it. Your carrier PIN stops most social engineering attempts at the first line. Number Lock adds a physical barrier even if the PIN is bypassed. Authenticator app migration removes SMS as an attack vector entirely. Google Voice gives you a SIM-swap-proof recovery number. And the fraud flag adds a final layer of manual review that most attackers won’t be able to defeat.
Together, these five steps represent a complete approach to locking your phone number down. For a broader view of your identity protection — including credit freezes, IRS PIN setup, and property protection — see the free 30-step Identity Lockdown Checklist.
Start Your Telecom Vault
The Identity Vault walks you through every step above with annotated, carrier-specific screenshots — so you always know exactly where to click. Rather than working from generic instructions, you get the exact navigation path for your carrier and your accounts.
👉 Start your telecom vault now — before your number is targeted.
READ NEXT
→ Your Phone Number Is the Master Key to Your Entire Financial Life
→ Why We Built a Telecom Lock Module That Doesn’t Know Your Phone Number
→ AI Scams in 2026: How Criminals Use Deepfakes and Voice Cloning
Stop Scams Before They Reach You
Get the free 30-step Identity Lock Checklist — protect your identity, secure your accounts, and arm your family starting tonight.