Millions of people imperiled through sign-in links sent by SMS

Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of ...
PC World

Gmail is killing SMS-based 2FA login codes in favor of this instead

With around 1.8 billion active users worldwide, Gmail remains the most popular email service by far. Google was also one of the first to pioneer and popularize two-factor authentication (2FA). You ...
Ars Technica

Google plans to stop using insecure SMS verification in Gmail

A username and password just won’t cut it anymore. Users around the world logging into Gmail have often relied on Google SMS pings to securely access their accounts, but that’s changing. Google now ...
Krebs on Security

How 1-Time Passcodes Became a Corporate Liability

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer ...
9to5google

Google removing Play Store apps that violate SMS, Call Log permission rules in coming weeks

In response to the Google+ privacy bug, the company announced Project Strobe to limit third-party access to user data. On Android, only default clients can request SMS or Call Log permissions, with ...
Bleeping Computer

Cisco Duo warns third-party data breach exposed SMS MFA logs

Update 4/16/24: Added Cisco's statement below. Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on ...