Microsoft wants you to stop using your phone as a security device
Two-factor authentication contains its own vulnerabilities
Microsoft is asking individuals to abandon two-factor authentication (2FA) tools that still use SMS and voice calls in favor of more modern security technology.
Standard two-factor authentication solutions work by sending a one-time code to a chosen device. This means that a particular account can only be accessed if an individual is in possession of both the correct password and the one-time code.
However, Alex Weinert, Microsoft’s director of identity services, argues that the poor level of security surrounding telephone networks means these types of multi-factor authentication solutions are severely lacking. Both SMS and voice calls are transmitted in clear text and can be easily intercepted, while SMS codes are subject to phishing attacks. Changing regulations and performance issues also make phone networks poor choices for security tools.
Multi-factor authentication
“Today, I want to do what I can to convince you that it’s time to start your move away from the SMS and voice multi-factor authentication mechanisms,” Weinert explained. “These mechanisms are based on publicly switched telephone networks (PSTN), and I believe they’re the least secure of the MFA methods available today. That gap will only widen as MFA adoption increases attackers’ interest in breaking these methods and purpose-built authenticators extend their security and usability advantages.”
Weinert rightly cautions that as MFA solutions become more widely adopted, attackers will increasingly focus on finding vulnerabilities that weaken their effectiveness. He argues that security-conscious individuals should adopt Microsoft's Authenticator MFA app, or better yet, hardware security keys to protect themselves from attack.
Not that long ago, passwords were largely the only safeguards used for online solutions. But the security landscape has quickly moved on and is now considering what the best multi-factor authentication (MFA) approach can be.
Via ZDNet
Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.