With the continuous development in its field hacking, the protection offered by a password is no longer enough. There are other methods that add an extra level of security to Appliances us and one of the most popular is Two Factor Authentication (2FA). But is it as safe as we think?
2FA via message
There are several types of 2FA. The most common method is to send a unique password as SMS on your phone, which you then enter on the site or service you are trying to access.
However the hackers, it is known that they can cheat mobile phone companies to transfer a victim's phone number to their own phone. So any code sent to this number is passed directly to the attacker, giving him access to the victim's accounts.
This method is called SIM swapping and is probably the easiest to bypass 2FA.
Authentication applications are more secure than 2FA via message. They operate on a principle known as TOTP.
TOTP is more secure than SMS because it generates a password on device instead of being sent to the entire network, where it may be intercepted.
The TOTP method is used by applications such as Google Authenticator, LastPass, 1Password, Microsoft Authenticator, Authy and Yubico.
Although it is safer, there have been reports of hackers stealing authentication codes from Android smartphones, tricking the user into installing malware that copies and sends passwords to them.
Biometric methods 2FA
Biometric methods are another form of 2FA. These include fingerprint recognition, face recognition, retina or iris scanning, and voice recognition. Most smartphone today have some of the above options.
However, biometric data can also be compromised, either by the servers where it is stored or by the software that processes the data.
Despite the above, the success of an attack is largely based on the users themselves. Malicious agents use many means to trick them victims to make it easier for them to access their devices.
The best way to protect yourself is to be cautious. If you carefully check websites and links before clicking and using 2FA, the chances of a breach are drastically reduced.
The bottom line is that 2FA is effective in keeping your accounts safe. However, try to avoid the less secure SMS method when you have this option. And while any security measure can theoretically be breached, a hacker will not waste time and effort hacking a well-protected device unless it has something of greater value to gain.