The National Institute for Standards and Technology (NIST) has released a Digital Authentication Guideline draft proposing that all services abandon SMS-based two-factor authentication and use tokens and software cryptographic authenticators. Because messages can be redirected to a VoIP service and not an actual mobile number, NIST believes SMS-enabled two-factor authentication is vulnerable to attacks. A […]
Latest Comments