Two-Factor Authentication Isn'T As Secure As You Might Expect
CNET, March 9th, 2020
March 22, 2020,
Volume 264, Issue 3

Passcodes from SMS or authenticator apps are better than passwords alone, but hackers can exploit their weaknesses

"You've probably heard this security advice: protect your accounts by using two-factor authentication," opines Stephen Shankland in CNET.

"You'll make life hard for hackers, so the reasoning goes, if you pair a password with a code sent by text message or generated by an app like Google Authenticator.

Here's the problem: It can be easily bypassed. Just ask Twitter Chief Executive Jack Dorsey. Hackers gained access to Dorsey's Twitter account using a SIM swap attack that involves fooling a carrier into switching mobile service to a new phone...."

Read More ...


Other articles in the IT News - MFA section of Volume 264, Issue 3:

See all archived articles in the IT News - MFA section.