30 Mar How it really happened : NINJIO Season 3, Episode 4, 2 Factor Fake Out
In NINJIO’s Season 3, Episode 4, 2-Factor Authentication using your mobile phone (SMS) is a great security measure, and countless end-users have it in place – but that’s bad news for Nico as he tries to use some stolen credentials. Nico and his hacking buddy think of a scheme to get around 2FA via SMS, opening the potential for business email compromise and all sorts of mischief. When using SMS for 2FA verification, it’s important to know that you should always expect the code, and to verify the legitimacy before using it or giving it up.
Two-factor authentication: What you need to know
CNET looks at the history of 2FA, discussing the ways that we see it used – both as a security measure, and as a tool to run scams.
5 Myths of Two-Factor Authentication
Wired looks in-depth at common perceptions of 2FA, discussing the weaknesses, strengths, and methods involved in implementing it at the workplace.
Where are the flaws in two-factor authentication?
The Economist discusses some large-scale hacks that involved 2FA and looks at the flaws in the system.
The Limits of SMS for 2-Factor Authentication
Krebs on Security discusses 2FA users being tricked with phishing and smishing scams; even with the scams, 2FA is a great security tool with numerous applications that don’t rely on text messaging.
This is why you shouldn’t use texts for two-factor authentication
Text messaging isn’t always the most secure way to receive 2FA codes as The Verge discusses here.