Instagram is planning to introduce a new two-factor authentication method that will not require a user's phone number and will instead work with authentication apps like Google Authenticator, reports TechCrunch.
Authentication apps are a safer two-factor option than the phone number method, which can be bypassed through SIM hacking, as outlined earlier today by VICE's Motherboard.
Image via TechCrunch
SIM hacking involves hijacking a person's phone number by manipulating cellular service support staff and claiming a SIM card has been lost.
Creating a new SIM associated with the phone number allows it to be stolen, and if that phone number is associated with a social networking account, as it would be with Instagram's current two-factor authentication method, the results can be devastating.
In Motherboard's article, for example, SIM hacking is used to steal Instagram accounts, which can be lucrative when highly desired usernames are poached.
Instagram is especially vulnerable to this kind of attack because right now, when you turn on Instagram's two-factor authentication, account codes and password reset requests are sent via your phone number.
Instagram has already been testing the new two-factor authentication method, with screenshots and details baked into the code for the Instagram Android app. This code was discovered by a TechCrunch tipster, who also shared screenshots.
An Instagram spokesperson confirmed the screenshots are legitimate and said Instagram is "continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication."
It is not yet clear when Instagram plans to roll out the new two-factor authentication method, but it could come soon as it appears to be nearly finished based on the screenshots.
Authentication apps are a safer two-factor option than the phone number method, which can be bypassed through SIM hacking, as outlined earlier today by VICE's Motherboard.
SIM hacking involves hijacking a person's phone number by manipulating cellular service support staff and claiming a SIM card has been lost.
Creating a new SIM associated with the phone number allows it to be stolen, and if that phone number is associated with a social networking account, as it would be with Instagram's current two-factor authentication method, the results can be devastating.
In Motherboard's article, for example, SIM hacking is used to steal Instagram accounts, which can be lucrative when highly desired usernames are poached.
Instagram is especially vulnerable to this kind of attack because right now, when you turn on Instagram's two-factor authentication, account codes and password reset requests are sent via your phone number.
Instagram has already been testing the new two-factor authentication method, with screenshots and details baked into the code for the Instagram Android app. This code was discovered by a TechCrunch tipster, who also shared screenshots.
An Instagram spokesperson confirmed the screenshots are legitimate and said Instagram is "continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication."
It is not yet clear when Instagram plans to roll out the new two-factor authentication method, but it could come soon as it appears to be nearly finished based on the screenshots.
Tag: Instagram
15 comments
It is now possible to use the My Verizon app to activate eSIM service on an iPhone XS, iPhone XS Max, or iPhone XR in the United States.
The app was updated today to allow Verizon customers...
Apple today seeded the first beta of iOS 12.1.2 to public beta testers, one day after seeding the same beta to developers and six days after the release of the iOS 12.1.1 update with expanded eSIM...
Apple Pay made its long-awaited debut in Germany this evening, allowing iPhone and Apple Watch users in the country to finally take advantage of the contactless mobile payments service if their card...
Samsung today introduced its latest smartphone, the Galaxy A8s. It is Samsung's first smartphone with an Infinity-O display, which has a nearly edge-to-edge, uninterrupted design beyond a small...
Epic Games today announced that its Infinity Blade role-playing game trilogy has been removed from the App Store.
In a blog post, the video game studio said "it has become increasingly...
It took nearly two months following the on-sale date for the iPhone XR, but Apple's highly anticipated clear case for the colorful device is now available. We're not entirely sure what the...
Apple today seeded the first beta of an upcoming iOS 12.1.2 update to developers, five days after releasing iOS 12.1.1, an update that introduced a revamped FaceTime layout, re-added Live Photos for...
