The first method is widely considered to be insecure given how SMS can be spoofed, while most regular users should suffice with the built-in Google Prompt on Android and iOS. Methods include a code sent via SMS message that has to be manually entered or a prompt with options to authorize/deny the login attempt. Two-factor authentication works by asking users to confirm via a local device - presumed to be in their possession - that it is really them entering the login and password to an account. If it’s inevitable, the process should be improved and one way to do that is through security keys. However, it is free, with everyone having a phone - not even needing a smart one - the adoption of two-factor in light of countless online threats is only going to increase.
Ignoring that SMS-based 2FA is not secure, remembering and entering a numeric code is a big inconvenience. Online banking is the most likely place they’ve encountered it and unfortunately the experience is quite lacking. The average person in 2018 is at least aware of two-factor authentication in one form or another.
0 kommentar(er)
