Microsoft wants you to ditch SMS-based multi-factor authentication mechanisms

Discussion in 'other security issues & news' started by guest, Nov 11, 2020.

  1. guest

    guest Guest

    Microsoft wants you to ditch SMS-based multi-factor authentication mechanisms
    November 11, 2020
    https://www.neowin.net/news/microso...-based-multi-factor-authentication-mechanisms
    Microsoft: It's Time to Hang Up on Phone Transports for Authentication
     
  2. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    However; the larger issue for me is that MANY websites ONLY offer SMS as their version of 2FA. Check through the numerous websites you have accounts with and try to establish TOTP or true U2F. It won't happen for most. Sad.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes, it's annoying. But I would also like to move away from the smartphone completely! So authentication apps wouldn't be a solution for me. I would rather make it so that you can register "trusted devices" in which 2FA is being performed by the CPU itself on the laptop, tablet, desktop or even smartphone. And if you have to use services like email or online banking on somebody's else device, you can always fall back on 2FA via smartphone or hardware token, good idea or not? See link for more info.

    https://blog.dashlane.com/intel-u2f-dashlane-2fa/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.