While two-factor authentication has become a necessity, Instagram currently only offers the added security layer in the form of SMS two-factor – which has its own share of concerns. According to TechCrunch, however, Instagram is planning to rollout non-SMS two-factor authentication…
The spotlight was put on Instagram today due to an excellent (and terrifying) article from Motherboard, which explained how hackers can steal a phone number by reassigning it to a different SIM card, then using it to steal passwords and access accounts via SMS two-factor.
In a statement to TechCrunch, however, Instagram confirmed that it is building a non-SMS two-factor authentication system that works independent of phone numbers. This system would pair with security applications such as Google Authenticator and Duo.
But now Instagram has confirmed to TechCrunch that it’s building non-SMS two-factor authentication system that works with security apps like Google Authenticator or Duo. They generate a special code that you need to login that can’t be generated on a different phone in case your number is ported to a hacker’s SIM card.
“We’re continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication.”
The evidence of Instagram’s more secure two-factor authentication is already present in its Android application. Buried in the app’s code is an explainer screen that highlights support for apps such as Google Authenticator and Duo, though the feature is not live yet.
Add protection to your account every time you log in on a phone or computer we don’t recognize.
We’ll send a text message with a login code, or you can use a security app of your choice like Google Authenticator or Duo Mobile.
At this point, it’s unclear what timetable we’re looking at for Instagram’s rollout of non-SMS two-factor, but here’s hoping it’s sooner rather than later.