Google Accounts are considered as two-factor authentication, which allows users to log into the protected account by 2FA by entering the code that they receive from the SMS. This allows the user to enter your account even if they know your password.
This dual-use method was used for online services, and public bank accounts like Facebook and even government agencies were focused on this method. This was introduced to create hackers to protect themselves from hackers for account hacking. But later this will not be visible to users.
According to the National Institute of Standards and Technology, the latest report on digital protection says that two-factor authentication should be banned in the future for future reference.
The use of a common mobile phone connection for outsourced verification in the report in the report implies that the verifier has necessarily confirmed that the phone number has been registered and is not a VoIP service.
Thereafter, messages should be sent to pre-registered numbers. The phone number that you registered should not be changed, other than two-factor Authentication changes. Outside confirmations are not approved by the SMS used and should not be added for future releases.
Why is SMS based two-factor Authentication insecure?
A text-based, two-factor Authentication based on the US National Technology Institute and the National Institute of Technology, is insecure due to the following:
1. There is no way to know if web site players receive the relevant 2FA code on the right person. Therefore, if your mobile phone is stolen, your account will be at risk.
2 Instead of a traditional network, the individual can use the Broadband Internet connection to make calls over the Internet. Voice over Internet Protocol If you are using a VOIP service, it is a risk of stealing.
3 You can also use the VOIP service for hackers to access your account using two-factor authentication, which is in use with your text messages.
4 Although some feature screen is locked, 2FA code is displayed.
5 hackers can get OTP containing the code of the OTP on their device and also get them the ability to change and modify your Facebook or JetRes account. This is because of the shortcomings in the design of the SS7 (signaling system number 7).
Instead of a dynamometric method
This dual-use method was used for online services, and public bank accounts like Facebook and even government agencies were focused on this method. This was introduced to create hackers to protect themselves from hackers for account hacking. But later this will not be visible to users.
According to the National Institute of Standards and Technology, the latest report on digital protection says that two-factor authentication should be banned in the future for future reference.
The use of a common mobile phone connection for outsourced verification in the report in the report implies that the verifier has necessarily confirmed that the phone number has been registered and is not a VoIP service.
Thereafter, messages should be sent to pre-registered numbers. The phone number that you registered should not be changed, other than two-factor Authentication changes. Outside confirmations are not approved by the SMS used and should not be added for future releases.
Why is SMS based two-factor Authentication insecure?
A text-based, two-factor Authentication based on the US National Technology Institute and the National Institute of Technology, is insecure due to the following:
1. There is no way to know if web site players receive the relevant 2FA code on the right person. Therefore, if your mobile phone is stolen, your account will be at risk.
2 Instead of a traditional network, the individual can use the Broadband Internet connection to make calls over the Internet. Voice over Internet Protocol If you are using a VOIP service, it is a risk of stealing.
3 You can also use the VOIP service for hackers to access your account using two-factor authentication, which is in use with your text messages.
4 Although some feature screen is locked, 2FA code is displayed.
5 hackers can get OTP containing the code of the OTP on their device and also get them the ability to change and modify your Facebook or JetRes account. This is because of the shortcomings in the design of the SS7 (signaling system number 7).
Instead of a dynamometric method
Comments
Post a Comment