Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

Two-Factor Authentication’s Weak Point

Two-factor authentication makes your accounts more secure by requiring something else in addition to a password to log in. However, its weak point was recently exposed, as attackers gained access to Black Lives Matter activist DeRay Mckesson’s Twitter account despite his use of two-factor authentication. Many two-factor systems rely on codes sent via SMS text messaging, but unfortunately, cellular carriers turn out to be easy targets for social engineering. Glenn Fleishman, writing for Macworld, explains the vulnerability and how to better secure your cellular accounts against troublemakers.favicon follow link

 

Comments about Two-Factor Authentication’s Weak Point
(Comments are closed.)

JohnB (SciFiOne)   2016-06-12 12:54
Unfortunately, the ATT instructions no longer match the actual account management page. I figured it out anyway, but changes in front pages and terminology are an all too common problem.

Still, do we want to enter a long random password over and over again, or try to give it verbally to an operator?
Ken Jennnings  2016-06-13 10:17
Your writer is correct when he writes that "Many two-factor systems rely on messages sent by SMS text. Patented phone based 2FA solutions like URQUi.com do not rely on SMS / out of band messaging.

@urqui