Veronica Cisneros

By: Veronica Cisneros on December 7th, 2017

Print/Save as PDF

Why You Should Never Use Texts for Two-Factor Authentication


Using two-factor authentication to log in to your system is stronger than using a password alone. It’s a proven way to make the computer network of businesses across more secure. But if that second factor is sent via text message, it could lead to a costly data breach. Here's what you need to know to stop cybercriminals from getting in.

What Is Two-Factor Authentication?

two factor authentication text with padlock

Two-factor authentication combines something you know (such as a password) with something you have (such as a phone or token). In many two-factor setups, a user enters a password along with a single-use numeric code produced by a smartphone authentication app.

But in some setups, the second factor consists of a temporary authentication code sent to your phone via SMS text message. That text message presents a weakness that criminals often exploit.

Why Do Cyber Criminals Love SMS Text Messages?

The problem is that text messages are vulnerable to social engineering attacks. Here's how a typical attack unfolds:

A criminal calls or emails your mobile phone service provider and uses your stolen personal data to impersonate you. The criminal then asks the company to send your text messages to a different device, which gives them access to your one-time login codes. They use those codes to gain immediate access to your system.

The scam has become so prevalent that the New York State Division of Consumer Protection recently issued a “SIM-Card Switch Scam” warning.

How to Do Two-Factor Authentication the Right Way?

Blog Image Template (8)

Without a doubt, two-factor authentication is more secure than relying on a password alone. But if your business currently uses SMS text messages as part of a two-step login process, it's time to switch to a better system. Let us show you better options.

Intelligent Technical Solutions is your local expert on computer network security. For the best business computer help, contact ITS today. We set up, maintain and secure the network of small and mid-size businesses. Our main objective is to help your businesses thrive by managing your technology. Contact us to get a 2 Hour FREE Network Assessment.

3 Types of Cybersecurity Solutions your Business Must Have