Two-factor authentication SMS codes aren't your best option for cyber security
Posted in: Legal & Security at 07/03/2019 15:05
When it comes to personal cybersecurity, you might think you're doing alright.
Maybe you've got multi-factor authentication set up on your phone so that you have to enter a code sent to you by SMS before you can log in to your email or bank account from a new device.
What you might not realise is that new scams have made authentication using a code sent by SMS messages, emails or voice calls less secure than they used to be.
Multi-factor authentication is listed in the Australian Cyber Security Centre's Essential Eight Maturity Model as a recommended security measure for businesses to reduce their risk of cyber attack.
Last month, in an updated list, authentication via SMS messages, emails or voice calls was downgraded, indicating they're no longer considered optimal for security.
Here's what you should do instead.