Instagram is planning to introduce a new two-factor authentication method that will not require a user's phone number and will instead work with authentication apps like Google Authenticator, reports TechCrunch.
Authentication apps are a safer two-factor option than the phone number method, which can be bypassed through SIM hacking, as outlined earlier today by VICE's Motherboard.
Image via TechCrunch
SIM hacking involves hijacking a person's phone number by manipulating cellular service support staff and claiming a SIM card has been lost.
Creating a new SIM associated with the phone number allows it to be stolen, and if that phone number is associated with a social networking account, as it would be with Instagram's current two-factor authentication method, the results can be devastating.
In Motherboard's article, for example, SIM hacking is used to steal Instagram accounts, which can be lucrative when highly desired usernames are poached.
Instagram is especially vulnerable to this kind of attack because right now, when you turn on Instagram's two-factor authentication, account codes and password reset requests are sent via your phone number.
Instagram has already been testing the new two-factor authentication method, with screenshots and details baked into the code for the Instagram Android app. This code was discovered by a TechCrunch tipster, who also shared screenshots.
An Instagram spokesperson confirmed the screenshots are legitimate and said Instagram is "continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication."
It is not yet clear when Instagram plans to roll out the new two-factor authentication method, but it could come soon as it appears to be nearly finished based on the screenshots.
Authentication apps are a safer two-factor option than the phone number method, which can be bypassed through SIM hacking, as outlined earlier today by VICE's Motherboard.
SIM hacking involves hijacking a person's phone number by manipulating cellular service support staff and claiming a SIM card has been lost.
Creating a new SIM associated with the phone number allows it to be stolen, and if that phone number is associated with a social networking account, as it would be with Instagram's current two-factor authentication method, the results can be devastating.
In Motherboard's article, for example, SIM hacking is used to steal Instagram accounts, which can be lucrative when highly desired usernames are poached.
Instagram is especially vulnerable to this kind of attack because right now, when you turn on Instagram's two-factor authentication, account codes and password reset requests are sent via your phone number.
Instagram has already been testing the new two-factor authentication method, with screenshots and details baked into the code for the Instagram Android app. This code was discovered by a TechCrunch tipster, who also shared screenshots.
An Instagram spokesperson confirmed the screenshots are legitimate and said Instagram is "continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication."
It is not yet clear when Instagram plans to roll out the new two-factor authentication method, but it could come soon as it appears to be nearly finished based on the screenshots.
Tag: Instagram
15 comments
Apple is working on several new products for its Mac lineup, including a new low-cost MacBook Air and a Pro-focused Mac mini, reports Bloomberg's Mark Gurman.
The upcoming low-cost MacBook...
Apple Pay is now accepted at all Costco warehouses in the United States, at in-store checkouts, according to the wholesale retailer.
Costco has been equipping its warehouses with contactless...
Apple today seeded the ninth beta of an upcoming iOS 12 update to developers for testing purposes, five days after seeding the eighth beta and more than two months after introducing the new software...
Apple today seeded the eighth beta of an upcoming macOS Mojave update to developers for testing purposes, one week after releasing the seventh beta and more than two months after introducing the...
Yesterday afternoon, first responders were called to an Apple Store in Amsterdam, reportedly due to a leaking iPad battery on the premise. Apple has since confirmed that it is investigating the...
Pre-orders for Apple's 2018 iPhone lineup will take place on Friday, September 14, according to information Macerkopf sourced from German carriers.
German mobile service providers are said...
A translated China Times report today claims that the wireless charging coil on at least one of Apple's widely rumored trio of 2018 iPhones will be made from copper wire instead of FPC, short for...
Apple today filed six new Apple Watch model numbers with the Eurasian Economic Commission, including A1977, A1978, A1975, A1976, A2007, and A2008, according to French blog Consomac. All of the models...
