- While two-factor authentication has gotten more people more secure with their private info, the system isn’t without its flaws.
- The Big Four carriers have joined together to make a second-generation of 2FA a reality.
- By running the 2FA codes through a system of “roadblocks,” the Big Four are hoping to thwart malicious hackers.
Two-factor authentication is more secure than a single password. There’s no question about it. However, just because it’s more secure doesn’t mean it’s as secure as it could be. In fact, criminals can use 2FA to their advantage pretty easily, as we saw here and here.
If we want to up the level of security, we have to change the way 2FA operates, which is precisely what the Big Four carriers are trying to do. In a rare show of solidarity, Verizon, AT&T, T-Mobile, and Sprint, developed the Mobile Authentication Taskforce to revamp 2FA and make it more secure.
How are they going to do that? A quick perusal of the organization’s latest press release will probably leave you more confused than anything else, with marketing technobabble like this:
New: Become a security pro with CISSP certification for $29, down from $672 (limited)
Recent attacks, including NotPetya and WannaCry last year, have been devastating to American companies, costing them hundreds of millions of dollars in losses. It’s not just businesses in the …
“This highly secure solution will deliver a cryptographically verified phone number and profile data for users of authorized applications with their consent. Authentication security is strengthened by processing unique attributes such as a network verified mobile number, IP address, SIM card attributes, phone number tenure, phone account type and more. In addition, advanced analytics and machine learning capabilities will be used to help assess risk and protect customers.”
All that could be condensed down into one sentence that is actually readable: “We’re going to set up a system wherein the secret two-factor code has to pass through several secure roadblocks before landing on your device.”
Aside from the press release marketing jargon, this is terrific news. While 2FA has worked OK for us over the past few years, it doesn’t take long for criminals to figure out new ways to break through security functions. A new system will, at the very least, give us some more security for a temporary period before malicious hackers figure out ways to bust through that new system.
The new second-generation of 2FA is expected to start testing in a few weeks. But always remember: a strong password is still your best defense against hackers. Get yourself a great password manager like LastPass or DashLane and get secured!
March 1, 2018 at 02:13PM