Give the common view that two-factor authentication increases security today. However, Microsoft warned of disposable SMS codes.
Microsoft: Don’t use disposable SMS codes
In this period of increasing importance of data security, it is necessary to protect against cyber attacks. For this, many security companies recommend switching to two-factor authentication and choosing SMS codes that can be used once.
However, in a blog post published by Microsoft, users were warned about this. Alex Weinert, head of the information security department at Microsoft, shared detailed information on the subject. According to Weinert, users must choose between several MFA solutions and eliminate authentication over the phone. According to Weinert, it would be a good move to eliminate this option because there is no encryption in SMS and voice calls.
Due to the absence of this encryption, single-use codes can be hacked by phishing hackers. In addition, in emergencies, technical problems such as the lack of network reception can disable authentication. In the blog post, it is recommended to use the Microsoft Authenticator application for authentication.