Microsoft wants you to stop using your phone as a security device

Microsoft is asking people to move away from two-factor authentication (2FA) tools that still use text messages and voice calls in favor of more modern security technology. Standard two-factor authentication solutions work by sending a one-time passcode to a chosen device. This means that a particular account can only be accessed if a person has the correct password and one-time code. However, Alex Weinert, director of identity services at Microsoft, argues that the low level of security surrounding telephone networks means that these types of multi-factor authentication solutions are seriously lacking. SMS and voice calls are transmitted in clear text and can be easily intercepted, while SMS codes are prone to phishing attacks. Changes in regulations and performance issues also make telephone networks poor choices for security tools.

Multi-factor authentication

“Today, I want to do what I can to convince them that it's time to move away from voice and SMS multi-factor authentication mechanisms,” Weinert explained. “These mechanisms are based on public switched telephone networks (PSTN), and I believe they are the least secure of the MFA methods available today. This gap will only widen as the adoption of multi-factor authentication increases attacker interest in breaking these methods, and purpose-built authenticators expand their security and usability benefits.”

Weinert rightly warns that as MFA solutions become more widely adopted, attackers will increasingly focus on finding vulnerabilities that undermine their effectiveness. He argues that security-conscious people should embrace Microsoft's Authenticator MFA app, or better yet, hardware security keys to protect against attacks.

Not long ago, passwords were largely the only safeguards used for online solutions. But the security landscape has changed rapidly, and the question now is the best approach to multi-factor authentication (MFA).

Via ZDNet