26 Jul 2016
If you’ve been using two-factor authentication, you’re very used to online services sending you a code via text to verify changes to your account. Hopefully you aren’t in love with that particular security measure, because it’s about to go the way of the dodo.
The US National Institute for Standards and Technology says in the most recent draft of the Digital Authentication Guideline that “using SMS is deprecated, and will no longer be allowed in future releases of this guidance.” In other words, text-based authentication is not secure enough and just doesn’t cut it anymore.
They do, however, allow for using secured apps and biometrics. Google is a big proponent of two-factor authentication, so look for them to develop new, more secure methods sooner than later.