Instagram Will Update Two-Factor Authentication to Not Use SMS Codes
According to a new report from TechCrunch, Instagram is working on a new, more secure method of two-factor authentication that would not require a user’s phone number.
The social media platform will supposedly let you authenticate with code-generating apps like Google Authenticator. It seems as though the company has been working on this feature for some time as Engineer Jane Manchun Wong discovered a prototype version of the updated two-factor authentication within an Instagram’s Android APK.
Instagram is finally working on token-based two-factor authentication!! ?
Thank you Instagram! I have been waiting for this since 2016! We finally won’t have to rely our account’s security on SMS! ? pic.twitter.com/u0iIPTaZO2
— Jane Manchun Wong (@wongmjane) July 17, 2018
Currently, Instagram lets you recover your account by identifying via a phone number. However, this method is not secure as hackers have been able to illegally gain access to a user’s phone number and tie it to a new SIM card, which they control.
Once hackers have control of your phone number, they can use it to extort a victim for financial gain or even use it to recover benefits from other online accounts.
Many technology companies, like Facebook and Google, have build solutions which protect against vulnerabilities introduced with SMS-based two-factor authentication.