If You Text From Your PC, Don’t Use SMS For Two-Factor Authentication

If You Text From Your PC, Don’t Use SMS For Two-Factor Authentication

We love two-factor authentication, and we love services that make our text messages accessible from our computers. However, if you don’t want anyone else — a snooping spouse, child, parent, or most importantly, a laptop thief — getting hold of your private information, you might want to alter how you use two-factor authentication.

Photo by MIKI Yoshihito

Two-factor authentication is one of the best forms of password security, but if you use services like Yosemite’s new Text Message Forwarding with iOS 8.1 or MightyText on Android, you should make sure you’re not using SMS as your second step in the authentication process.

Anyone who has access to your computer will be able to see the second step — the verification code — from your computer, whether they have your phone or not. Instead, use a USB key or our favourite authentication app for Android and iPhone, Authy, to generate a code from your phone, and disable SMS as your second step. Authy can even hide the codes behind a PIN for extra security.

Beware two-factor authentication using SMS forwarding [The Unofficial Apple Weblog]


The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.

Comments


One response to “If You Text From Your PC, Don’t Use SMS For Two-Factor Authentication”