Instagram today announced several new security enhancements that are being implemented to make the social network safer for all users.
Starting soon, Instagram is implementing support for third-party authenticator apps, which will allow them to be used for two-factor verification purposes in lieu of a phone number.
Instagram has supported two-factor authentication for some time, but it was tied to a phone number and required users to receive text messages, which has proven to be insecure and left some Instagram users vulnerable to SIM hacking.
SIM hacking is a method hackers use to gain access to a person's phone number, using it to get into high-profile social media accounts. Some instagram accounts with short handles are valuable and have been stolen through this method, something a third-party authenticator app can protect against.
Instagram says that users can go to the Settings section of the Instagram app, choose Two-Factor Authentication, and then select "Authentication App" to implement two-factor authentication that does not involve a phone number.
Support for third-party authenticator apps is rolling out and will be available globally "in the coming weeks."
Along improved two-factor authentication, Instagram is also enhancing security through a new "About This Account" section that will be added to high-profile Instagram accounts. This feature will allow users to see more information about accounts that reach large audiences, allowing users to "evaluate the authenticity of the account."
To see more about an Instagram account, users can tap on a profile, tap the hamburger menu option and then select "About This Account." Information displayed will include the date the account joined Instagram, the country where it is located, recent username changes, and ads the account is running.
Starting in September, people who have accounts that reach large audiences will be able to review the information that will be available, and after that, the feature will roll out worldwide.
Instagram also plans to make it easier for Instagram users to earn a blue verified badge that lets people know an account is the "authentic presence of a notable public figure." Verification has been available on Instagram, but prior to now, there was no streamlined process for requesting account verification.
To be verified, an account must comply with Instagram's Terms of Service and Community Guidelines. We will review verification requests to confirm the authenticity, uniqueness, completeness and notability of each account. Visit the Help Center to learn more about Instagram's verification criteria.
Instagram users who want to apply for verification can do so by accessing the Settings app and choosing "Request Verification." Username, full name, and a copy of legal or business identification will be required. Like the other features announced today, the verification option is rolling out to users but could take some time to show up for everyone.
Top Rated Comments
If you've ever wondered (or are one of those that gets upset) about Facebook, Instagram, and others who release new updates to their apps every week and just have "Bug fixes and other updates." in the release notes, these updates are what add the ability to push those new features. They don't want to announce those new features in the update because then they can't roll them out gradually. You'd have a bunch of people complaining "WHY ISN'T IT WORKING ON MINE!!!! ‽??!!"
[doublepost=1535478415][/doublepost]Just last week several apps made headlines for being hacked through SIM exploitation. This type of news (that Mac Rumors also publishes) puts these apps in the spotlight, necessitating moves like this from Instagram, Twitter, and others.
The fact that we're seeing accounts exploited this way is a great indicator that these additional measures are needed.
It’s still 2 factors.
Factor 1: your password
facror 2: the one time password OR the recovery code.
Instagram is already putting announcements within the app and they'll likely add a Story about it too when it rolls out to those chosen users.
I'll be surprised if they don't prompt users to enable it when it becomes available to them too.
[doublepost=1535495722][/doublepost]I got the above notification the most recent time I opened the Instagram app.
[doublepost=1535482405][/doublepost]Well, that answers my question. Logged into one of my accounts and got this message for "high engagement accounts like yours."