Could two-step verification through texts go the way of the dodo?

nest two step verification
The number of websites and services using two-step verification to secure accounts has increased over the years — yet the National Institute of Standards and Technology’s latest proposal might put a halt to the verification method.

In its mainstream incarnation, two-step verification (also known as multi-factor authentication and two-factor authentication) works by sending you a one-time code through SMS when logging into one of your digital accounts. In theory, even if someone has your username and password, they cannot access your account without access to your phone. Two-step verification is not the end-all, be-all solution that will forever safeguard your accounts, but it has certainly proven resilient over time.

Unfortunately, recent malware like HummingBad and Stagefright shows that folks are finding more ways to remotely access your phone and your messages, thus raising concerns over two-step verification. Furthermore, as Slate points out, services like Skype and Google Voice have become more popular over the years, putting into question how secure transmission protocols used by two-step verification systems are.

As a result, NIST suggests the use of alternative authenticators to ensure the integrity of such systems.

“Due to the risk that SMS messages may be intercepted or redirected, implementers of new systems should carefully consider alternative authenticators,” reads the government agency’s draft.

Based on the language of the draft, NIST wants agencies to avoid making new investments into two-step verification systems that use SMS messages, and instead invest in alternative solutions like biometrics and apps that create one-time codes. However, the agency also warns that the use of SMS messages “may no longer be allowed in future releases of this guidance,” putting into question whether there will be an expiration date on such uses.

Michael Garcia, deputy director of authentication research program NSTIC at NIST, reaffirmed the draft’s language regarding SMS-based two-step verification systems, saying that alternative solutions should be considered if entities are at a point of reinvestment.

“We’re not saying federal agencies drop SMS, don’t use it anymore,” Garcia told Slate. “But, we are saying, if you’re making new investments, you should consider that in your decision-making.”

Overall, NIST’s draft does not mean much for people with digital accounts right now, but do not be surprised if, in time, companies like Google and Apple no longer want to send you one-time codes and, instead, opt for different, more secure methods of accessing your accounts.

Social Media

A Facebook, Instagram bug exposed millions of passwords to its employees

Facebook, Facebook Lite, and Instagram passwords weren't properly encrypted and could be viewed by employees, the company said Thursday. The network estimates millions of users were affected.

Apple's iOS 12.2 brings support for Apple News Plus and new AirPlay 2 features

After months of betas, the final version of iOS 12 is here to download. The latest OS comes along with tons of new capabilities, from grouped notifications to Siri Shortcuts. Here are all the features you'll find in iOS 12.

Convert your PDFs into convenient Word documents with Adobe or a free option

PDF files are great, but few document types are as malleable as those specific to Microsoft Word. Here's how to convert a PDF file into a Word document, whether you prefer to use Adobe's software suite or a freemium alternative.

Rooting your Android device is risky. Do it right with our handy guide

Wondering whether to root your Android smartphone or stick with stock Android? Perhaps you’ve decided to do it and you just need to know how? Here, you'll find an explanation and a quick guide on how to root Android devices.

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.

Does the box for AirPods 2 reveal Apple's AirPower wireless charging mat?

At its September event in 2017, Apple unveiled the AirPower, a new wireless charging mat that will allow you to charge multiple devices at one time. It has not yet been released. Here's everything we know about the device so far.
Product Review

4 Lenses, 40 megapixels, and 400k ISO. Huawei’s P30 Pro is a photography freak

Huawei’s P-series phones place an emphasis on the camera. That’s why the company partnered with Leica on the camera tuning. The latest phone is the Huawei P30 Pro, and it must fill the big shoes of last year’s stunning P20 Pro. Is it…

Yes, you can use Android apps on your Chromebook. Here's how

You can now get Android apps on your Chromebook! Google has enabled the Google Play Store app support on its Chrome OS and Chromebook hardware, so to get you started, here's our guide on how to get Android apps on a Chromebook.

Samsung Galaxy Fold pre-orders will start April 26, with shipment on May 3

The Samsung Galaxy Fold has arrived, and it goes on sale soon. Folding out from a 4.6-inch display to a tablet-sized 7.3-inch display, this unique device has six cameras, two batteries, and special software to help you use multiple apps.

Huawei P30 Pro is a gorgeous-looking smartphone packed with camera ingenuity

Huawei has kicked off the new year by launching the new Huawei P30 Pro and P30. With upgraded hardware, new software tricks, and some absolutely stunning cameras, Huawei's new phones are serious contenders.
Product Review

Compared to the P30 Pro, Huawei may have stripped too much out of the P30 phone

Has Huawei pulled all the best parts out of the P30 Pro to make the P30, its cheaper, smaller sister phone? Yes, but the answer is more complicated than that. Here’s our look at the 6.1-inch P30.

Huawei P30 Pro vs. Mate 20 Pro vs. P20 Pro: Which Huawei flagship is best for you?

If you're after a Huawei smartphone, but can't pick between this year's flagship and the previous two, or maybe you're looking to upgrade, we're here to explain what makes the P30 Pro, P20 Pro, and Mate 20 Pro different.

Huawei P30 Pro vs. Huawei P30: Should you go pro or save some dough?

The latest phones from Huawei are seriously powerful, eye-catching devices, but what sets them apart? We take a look at the Huawei P30 Pro and compare it to the Huawei P30 in various categories to uncover the differences.

The 13 best iPhone 7 Plus cases to protect your Apple phone

The iPhone 7 Plus is big and beautiful, but you need to wrap it up if you want to protect it from damage. We’ve rounded up some of the best iPhone 7 Plus cases and covers available. Get some protection or a new style today.