1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SMS-based two-factor authentication may be headed out the door

Discussion in 'Network World' started by RSS, Jul 26, 2016.

  1. RSS

    RSS New Member Member

    SMS messaging for two-factor authentication might become a thing of the past. A U.S. federal agency is discouraging its use.

    The National Institute of Standards and Technology is pushing for the change. Its latest draft of its Digital Authentication Guideline, updated on Monday, warns that SMS messages can be intercepted or redirected, making them vulnerable to hacking.

    Many companies, including Twitter, Facebook, and Google, as well as banks, already use the phone-based text messaging to add an extra layer of security to user accounts.

    It works like this: To access the accounts, the user not only needs the password, but also a secret code sent by the company by text message. Ideally, these one-time passcodes are sent to a designated phone number to ensure no one else will read them.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page