#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

2 factor authentication | Breaking Cybersecurity News | The Hacker News

Category — 2 factor authentication
Facebook Adds FIDO U2F Security Keys Feature For Secure Logins

Facebook Adds FIDO U2F Security Keys Feature For Secure Logins

Jan 27, 2017
Hacking password for a Facebook account is not easy, but also not impossible. We have always been advising you to enable two-factor authentication — or 2FA — to secure your online accounts, a process that requires users to manually enter, typically a six-digit secret code generated by an authenticator app or received via SMS or email. So even if somehow hackers steal your login credentials, they would not be able to access your account without one-time password sent to you. But, Are SMS-based one-time passwords Secure? US National Institute of Standards and Technology (NIST) is also no longer recommending SMS-based two-factor authentication systems , and it's not a reliable solution mainly because of two reasons: Users outside the network coverage can face issues Growing number of sophisticated attacks against OTP schemes So, to beef up the security of your account, Facebook now support Fido-compliant Universal 2nd Factor Authentication (U2F), allows users to log into ...
End of SMS-based 2-Factor Authentication; Yes, It's Insecure!

End of SMS-based 2-Factor Authentication; Yes, It's Insecure!

Jul 27, 2016
SMS-based Two-Factor Authentication (2FA) has been declared insecure and soon it might be a thing of the past. Two-Factor Authentication or 2FA adds an extra step of entering a random passcode sent to you via an SMS or call when you log in to your account as an added layer of protection. For example, if you have 2FA enabled on Gmail, the platform will send a six-digit passcode to your mobile phone every time you sign in to your account. But, the US National Institute of Standards and Technology (NIST) has released a new draft of its Digital Authentication Guideline that says SMS-based two-factor authentication should be banned in future due to security concerns. Here's what the relevant paragraph of the latest DAG draft reads: "If the out of band verification is to be made using an SMS message on a public mobile telephone network, the verifier SHALL verify that the pre-registered telephone number being used is actually associated with a mobile network and not wi...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Popular Resources
Articles
[Watch] From Risk to ROI: The Strategic Value of Security Validation
Articles
How to Get a Full Penetration Test Done in Days – See How It Works!
Articles
Simplify IT Backup and Recovery — Experience Unitrends Live
Articles
Backupify — The Backup Solution: Encrypted, Unlimited, Reliable
Expert Insights / Articles Videos
Cybersecurity Resources