K
i
m
K
e
y
Raise your hand if this has happened to you: You wake up in the middle
of the night, check your phone to see the time, and notice several missed
text messages. You check them, hoping all your loved ones are OK, and
see each is a one-time passcode. Now your worry turns to dread because
someone has one of your passwords, and only an SMS message stands
between you and some would-be hacker.So what do you do? I would change my password, store the new, unique,
and strong password in a password manager, and go back to bed. More
important, I’d consider changing my SMS authentication method to
something a bit stronger in the morning.Why? It turns out that clever crooks can reroute text messages. But if
you use an authenticator app instead, the codes generated on your
phone never travel through your mobile network, cutting down the risk
for exposure.Multi-factor authentication, or MFA, adds another factor of
authentication besides a password to your online accounts. MFA can be
something you know (such as a password), something you have (a
security key or a code sent to an authenticator app), or something you
DUH
DELRPHWULFVFDQVXFKDVD¿QJHUSULQWRUIDFLDOUHFRJQLWLRQ
8VLQJ
an authenticator app strengthens your account security by adding
another layer of protection with an authentication token you have.Leave SMS Authentication
Behind: Get an Authenticator
App
Why multi-factor authentication via text
leaves you open to attacksCOMMENTARY