Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: fink Clear Filter

Whistleblower warning: 2FA codes sent via SMS are trivially easy to intercept

Weak Link: Two-factor authentication is designed to harden device security and make unauthorized access even trickier for bad actors. In the imperfect world we live in, however, there's almost always a weak link, and one popular delivery method for 2FA is no exception. Many implementations of two-factor authentication involve sending a one-time passcode to the end user via SMS. Once entered, the user is logged in and it's business as usual. The problem is the inherent weakness of SMS, and the f

Why SMS two-factor authentication codes aren't safe and what to use instead

kontekbrothers/Getty We've probably all received confirmation codes sent via text message when trying to sign into an account. Those codes are supposed to serve as two-factor authentication to confirm our identity and prevent scammers from accessing our accounts through a password alone. But who actually handles those SMS codes, and can those people be trusted? New reports from both Bloomberg and collaborative investigative newsroom Lighthouse Reports shed light on how and why text-based codes