Instagram is planning to introduce a new two-factor authentication method that will not require a user's phone number and will instead work with authentication apps like Google Authenticator, reports TechCrunch.
Authentication apps are a safer two-factor option than the phone number method, which can be bypassed through SIM hacking, as outlined earlier today by VICE's Motherboard.
Image via TechCrunch
SIM hacking involves hijacking a person's phone number by manipulating cellular service support staff and claiming a SIM card has been lost.
Creating a new SIM associated with the phone number allows it to be stolen, and if that phone number is associated with a social networking account, as it would be with Instagram's current two-factor authentication method, the results can be devastating.
In Motherboard's article, for example, SIM hacking is used to steal Instagram accounts, which can be lucrative when highly desired usernames are poached.
Instagram is especially vulnerable to this kind of attack because right now, when you turn on Instagram's two-factor authentication, account codes and password reset requests are sent via your phone number.
Instagram has already been testing the new two-factor authentication method, with screenshots and details baked into the code for the Instagram Android app. This code was discovered by a TechCrunch tipster, who also shared screenshots.
An Instagram spokesperson confirmed the screenshots are legitimate and said Instagram is "continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication."
It is not yet clear when Instagram plans to roll out the new two-factor authentication method, but it could come soon as it appears to be nearly finished based on the screenshots.
Authentication apps are a safer two-factor option than the phone number method, which can be bypassed through SIM hacking, as outlined earlier today by VICE's Motherboard.
SIM hacking involves hijacking a person's phone number by manipulating cellular service support staff and claiming a SIM card has been lost.
Creating a new SIM associated with the phone number allows it to be stolen, and if that phone number is associated with a social networking account, as it would be with Instagram's current two-factor authentication method, the results can be devastating.
In Motherboard's article, for example, SIM hacking is used to steal Instagram accounts, which can be lucrative when highly desired usernames are poached.
Instagram is especially vulnerable to this kind of attack because right now, when you turn on Instagram's two-factor authentication, account codes and password reset requests are sent via your phone number.
Instagram has already been testing the new two-factor authentication method, with screenshots and details baked into the code for the Instagram Android app. This code was discovered by a TechCrunch tipster, who also shared screenshots.
An Instagram spokesperson confirmed the screenshots are legitimate and said Instagram is "continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication."
It is not yet clear when Instagram plans to roll out the new two-factor authentication method, but it could come soon as it appears to be nearly finished based on the screenshots.
Tag: Instagram
15 comments
CNBC reports that Apple has hired ex-Microsoft exec and former CEO of a smart lock company to revamp Apple's home initiatives. Hiring Jadallah is the latest signal that Apple plans to get serious...
Apple is today sending out notifications to Apple Music subscribers that, when tapped, allows them to send a referral to friend to sign up for a free one-month subscription to Apple Music.
...
Apple recently purchased PullString, a San Francisco startup that enables the design and publishing of voice apps through its PullString Converse platform, reports Axios.
PullString could be...
Apple is planning to release AirPods that feature a new surface coating, wireless charging, and a black color option, according to a report from Taiwanese Economic Daily News.
Apple supplier...
Apple today shared a new "Bokeh'd" video on its YouTube channel, which highlights the Depth Control feature on the iPhone XS, XS Max, and XR.
In the spot, a group of mothers are...
If you've deleted your DMs, they may be unavailable on your phone and on the web, but Twitter is still saving them, according to data from security researcher Karan Saini that was shared today by...
iPhone XS Max users experience more than two times faster real-world LTE data speeds as iPhone 5s users on average in the United States, according to OpenSignal, although there are caveats to...
Last August, Apple Music was updated with a new section in Browse curated by Deutsche Grammophon, one of the biggest classical music labels in the world. While classical music fans welcomed the...
