Stop using your phone as a security device, says Microsoft | HT Tech

Stop using your phone as a security device, says Microsoft

Move aside 2FA, it's time for MFA (multi-factor authentication) solutions for security. 

By: HT TECH
| Updated on: Nov 14 2020, 13:08 IST
Both voice calls and SMS’, which are used by 2FA solutions, are transmitted in clear text and can be easily intercepted and SMS codes are also susceptible to phishing attacks.
Both voice calls and SMS’, which are used by 2FA solutions, are transmitted in clear text and can be easily intercepted and SMS codes are also susceptible to phishing attacks. (Pixabay)

If you thought two-factor authentication (2FA) was great, Microsoft thinks otherwise. The company has been asking individuals to stop using 2FA tools that use SMS and voice calls instead of more secure modern technology.

The standard 2FA works by sending a one-time code to a device of the user's choice. That means that the account in question can only be accessed if the user has both the correct password and the one-time code.

You may be interested in

MobilesTablets Laptops
7% OFF
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
23% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

Microsoft's director of identity services, Alex Weinert, however, argued in his blog post that poor level of security surrounding telephone networks mean that these types of multi-factor authentication solutions are severely lacking. Both voice calls and SMS' are transmitted in clear text and can be easily intercepted and SMS codes are also susceptible to phishing attacks.

Also read
Looking for a smartphone? To check mobile finder click here.

Weinert also added that changing regulations and performance issues makes phone networks poor choices for security tools.

Also Read: 10 things to keep in mind when you are setting up a new password

Weinert explained - “Today, I want to do what I can to convince you that it's time to start your move away from the SMS and voice multi-factor authentication mechanisms,”.

“These mechanisms are based on publicly switched telephone networks (PSTN), and I believe they're the least secure of the MFA methods available today. That gap will only widen as MFA adoption increases attackers' interest in breaking these methods and purpose-built authenticators extend their security and usability advantages,” he added.

Also Read: Have I Been Pwned, the site that tells you if passwords were breached, is going open source

In his post, Weinert cautioned that as MFA (multi-factor authentication) solutions become more widely adopted, attackers will “increasingly focus on finding vulnerabilities that weaken their effectiveness”.

He added that security-conscious individuals should adopt Microsoft's Authenticator MFA app, or better yet, hardware security keys to protect themselves from attack.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 14 Nov, 13:08 IST
NEXT ARTICLE BEGINS