Lifehacker

Google Is Ditching SMS Code Verification, and That’s a Good Thing

Two-factor authentication (2FA) is a fantastic security measure, but not all 2FA is created equal. SMS-based 2FA is by far the least secure authentication option, and yet, far too many companies use ...
Ars Technica

Google plans to stop using insecure SMS verification in Gmail

A username and password just won't cut it anymore. Users around the world logging into Gmail have often relied on Google SMS pings to securely access their accounts, but that's changing. Google now ...
TechCrunch

Telegram’s peer-to-peer SMS login service is a privacy nightmare

Telegram has introduced a controversial new feature that grants users a free premium membership in exchange for allowing the instant messaging app to utilize their phone number as a relay for sending ...
ZDNet

Why SMS two-factor authentication codes aren't safe and what to use instead

We've probably all received confirmation codes sent via text message when trying to sign into an account. Those codes are supposed to serve as two-factor authentication to confirm our identity and ...
PC Magazine

SMS-Based Multi-Factor Authentication: What Could Go Wrong? Plenty

At Black Hat, a research duo from FYEO demonstrate a technique they call smishmash to prove that using text messaging for your second factor is very risky. When the IBM PC was new, I served as the ...