Sign in

Create an account

No no no no no, don't be an idiot.

Do you see "tesla.com" in the address bar? No, you don't. Don't ever type your login and password to Tesla on a site that isn't Tesla.com. If this website was fraudulent (it isn't but it could have been), you would have just accidentally handed over the access codes to find, locate, open and drive off with your £100,000 Tesla car. Please ensure others don't fall for similar.

Share

After nearly 2 years of requesting 2FA (2 Factor Authentication) and around 1 year of publicly requesting it I've felt the need to show just how vulnerable the Tesla system is without a 2nd step of authentication (e.g. a code sent via email) for enabling new login attempts on new computers/devices to your account. Google, Twitter, Facebook, your bank and endless other companies use 2FA to ensure you're who you say you are but Tesla haven't added this feature which to me is shocking considering it's securing an asset worth nearly £100K. With apologies, by Will Fealey - using original source code from Alastair C & CSS copied from Tesla.com. No data is stored when you hit the submit button. I've been pre-approved by Tesla as a good-faith security researcher.