Instagram to Introduce Non-SMS Two-Factor Authentication to Prevent SIM Hacking - MacRumors
Skip to Content

Instagram to Introduce Non-SMS Two-Factor Authentication to Prevent SIM Hacking

by

Instagram is planning to introduce a new two-factor authentication method that will not require a user's phone number and will instead work with authentication apps like Google Authenticator, reports TechCrunch.

Authentication apps are a safer two-factor option than the phone number method, which can be bypassed through SIM hacking, as outlined earlier today by VICE's Motherboard.

instagramtwofactortc

Image via TechCrunch

SIM hacking involves hijacking a person's phone number by manipulating cellular service support staff and claiming a SIM card has been lost.

Creating a new SIM associated with the phone number allows it to be stolen, and if that phone number is associated with a social networking account, as it would be with Instagram's current two-factor authentication method, the results can be devastating.

In Motherboard's article, for example, SIM hacking is used to steal Instagram accounts, which can be lucrative when highly desired usernames are poached.

Instagram is especially vulnerable to this kind of attack because right now, when you turn on Instagram's two-factor authentication, account codes and password reset requests are sent via your phone number.

Instagram has already been testing the new two-factor authentication method, with screenshots and details baked into the code for the Instagram Android app. This code was discovered by a TechCrunch tipster, who also shared screenshots.

An Instagram spokesperson confirmed the screenshots are legitimate and said Instagram is "continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication."

It is not yet clear when Instagram plans to roll out the new two-factor authentication method, but it could come soon as it appears to be nearly finished based on the screenshots.

Top Rated Comments

104 months ago
I’d rather an option for all services to have no two factor authentication. It’s a real bother for those who take the time to use a password manager to generate strong, unique passwords. Then store said passwords in an encrypted vault protected by one strong password.

At least create a standard for two factor authentication. So our password managers can automatically receive and fill the code.

As it stands. Two factor just increases login time.
I find it hilarious when im logging into iCloud on my Mac and it asks me for two factor, and then sends the code to the freakin laptop cause it’s already authorized. I would love to see a standardized two factor login.
Score: 4 Votes (Like | Disagree)
hank moody Avatar
104 months ago
Please, just stop promoting google auth.
There are plenty of BETTER and open source apps out there to talk about.
Score: 3 Votes (Like | Disagree)
104 months ago
I’d rather an option for all services to have no two factor authentication. It’s a real bother for those who take the time to use a password manager to generate strong, unique passwords. Then store said passwords in an encrypted vault protected by one strong password.

At least create a standard for two factor authentication. So our password managers can automatically receive and fill the code.

As it stands. Two factor just increases login time.
1Password handles TFA with One-Time Passcodes if you use their app.
Score: 1 Votes (Like | Disagree)
104 months ago
These apps are just distractions to me. They are generally fun to scroll and get a chuckle or see something interesting. But if they are unable to secure their systems, and instead start to make me have to download another app to use their app, and click multiple times to get into an app that is at best a fun diversion, then I will just delete my account and the app and move on.
Score: 1 Votes (Like | Disagree)

Popular Stories

meta ai

Meta's New AI Image Tool Can Use Your Public Instagram Photos by Default

Wednesday July 8, 2026 1:52 pm PDT by
Meta is rolling out a new feature that lets people use public Instagram posts and reels to generate AI content, and it's turned on by default. If you have an Instagram account that's not set to private, there is a setting allowing anyone to generate content on Meta AI using your images and videos. The option was added to support Meta's new image generation model, Muse Image. Muse Image is...
meta logo new%402x

EU: Facebook and Instagram's Infinite Scroll May Break Digital Rules

Friday July 10, 2026 5:37 am PDT by
Meta has been warned by the European Commission that its endlessly scrolling Facebook and Instagram feeds may violate the EU's new Digital Services Act rules. In preliminary findings published on Friday, the Commission said that its investigation into features such as infinite scroll, autoplay, push notifications, and highly personalized recommender systems, found that Meta "did not...
apple back to school sans airpods 2

Apple's 2026 Back to School Offer is Coming Soon

Sunday July 12, 2026 7:29 am PDT by
Apple's stores will be rolling out Back to School marketing materials this week, according to Bloomberg's Mark Gurman. This suggests that the offer will begin in the U.S. in the next few days. Last year, college students and educational staff could receive a free accessory like AirPods 4 or an Apple Pencil Pro with the purchase of a qualifying Mac or iPad model. The Back to School offer is in...