From: Tom’s Hardware
The National Institute for Standards and Technology (NIST), a U.S. agency in charge of setting cryptography and security standards, proposed to deprecate SMS-based authentication for out of band (OOB) authenticators in its latest standards draft.
Out of band authentication is a form of two-factor authentication that requires another device to complete the authentication. This ensures that an attacker has to hack more than one type of device in order to get access to an account. However, even when using another device to get the SMS code, NIST believes SMS out of band authentication can no longer be considered as secure anymore.
Leave a Reply