Two-factor authentication via SMS might be history soon as the Federal agency is concerned. SMS messages can be redirected or intercepted, making them susceptible to hacking mentioned The National Institute of Standards and Technology in its latest draft of Digital authentication guideline.
In order to add an extra layer of security to the users account many companies like Google, Twitter, Facebook, etc. including a few banks as well use the text messaging. A text message containing the code which will be generated after the password is been entered will be sent to the user. This code is called OTP (One Time Password). But recently hackers have found a way to breach it by infecting the targeted phone with a malware which redirects the OTP to another device. Also, phone numbers which are connected to VoIP software-based services make them susceptible as well.
Better alternative need to be found said the Federal agency such as sending the same OTP but through a secure app. Google is already doing this through its authenticator app. Microsoft has released an authenticator app as well recently.
Even though, OTP through SMS for two-factor authentication is quite a popular option for companies intended to secure their users’ accounts.