In light of all the stolen SSN notifications (I'm affected, too), wanted to double check something.

Right after I got the SSN notification, I enabled Takeover Protection on all our lines (along with other measures). I was kicking myself though, because I finally decided to change my phone last week, and it was one that finally accepted eSIM. So I mentally prepared myself for the extra hurdles I'd have to face from changing my SIM card after getting Takeover Protection.

But it was hardly what I expected.

I used iMessage. My business chat with T-Mobile was already authenticated to my T-Mobile account from a previous chat. The rep only asked for SMS code verification, and boom, service was transferred to my new phone using eSIM.

No extra steps, no having to disable Takeover Protection first, no asking for my PIN (are they still using that system?). I'm not in the loop, maybe using iMessage was enough verification in and of itself. Does anyone know, is this an appropriate level of security for a no-port SIM change?