Microsoft urges users to stop using call & SMS-based multi-factor authentication


Olde Hornet

Olde Hornet

Well-Known Member
www.zdnet.com

Microsoft urges users to stop using call & SMS-based multi-factor authentication

Microsoft recommends using app-based authenticators and security keys instead.
www.zdnet.com www.zdnet.com

The warning comes from Alex Weinert, Director of Identity Security at Microsoft. For the past year, Weinert has been advocating on Microsoft's behalf, urging users to embrace and enable MFA for their online accounts.

Citing internal Microsoft statistics, Weinert said in a blog post last year that users who enabled multi-factor authentication (MFA) ended up blocking around 99.9% of automated attacks against their Microsoft accounts.

But in a follow-up blog post today, Weinert says that if users have to choose between multiple MFA solutions, they should stay away from telephone-based MFA.

The Microsoft exec cites several known security issues, not with MFA, but with the state of the telephone networks today.
 
You must log in or register to reply here.
Back
Top