2FA

Apple's latest iOS 15 and macOS Monterey come with integrated 2FA (two-factor authenticator) code generators, eliminating the need to opt for a third-party solution. The new feature works seamlessly with native autofill on both iOS and Mac (via 9to5Mac). Apple’s built-in 2FA works just like any other third-party 2FA you may already use. You set...

Update Oct. 6, 2020: Tesla MFA went live this afternoon. Our original story is as follows below. === As pointed out by the folks over at Tesla North, Tesla appears all set to roll out the much-awaited multi-factor authentication (MFA) option for account login as the feature has started to show up in some Tesla owner...

(more…)

Google is now backing a standard proposed by Apple engineers in January to create a default format for one-time passcodes (OTP) sent via SMS to users during the two-factor authentication (2FA) process. We depend on one-time passwords (OTP) a lot for logging into online banking accounts, social media, and other internet-based services. And it's tough to switch to the...

Apple wants a standard for one-time passwords (OTPs) that are sent via text messages on mobile phones for 2FA login purposes. According to a new report from ZDNet, the proposal has two goals. The first is to introduce a new way that OTP SMS messages can be associated with a URL by adding the login URL...

According to email marketing company MailChimp, Canadian wireless providers “began blocking Application-to-Person SMS messages,” as of November 10th. The company says it is working with Canadian providers to resolve the issue, and in the meantime have disabled two-step logins asking for SMS authentication codes (customer 2FA discounts will remain in effect). Here's what @RogersHelps responded...

Kapil Haresh, a graduate student student at the University of Waterloo studying software engineering with a specialization in cryptography, security, and privacy, posted a piece on Medium detailing what he believes to be limitations in Apple’s two-factor authentication (2FA) implementation. He also released a video of the limitation on YouTube. He realized that 2FA is...

What seemed to be a good thing to have, SMS-based two-factor-authentication employed by Apple and other companies, is considered deprecated by the National Institute of Standards and Technology, or NIST, the US agency that sets guidelines and rules in cryptography and security matters (via Engadget, TechCrunch). In the latest draft of its Digital Authentication Guidelines,...