At the start of the year, news broke out that Twitter was changing its approach to two-factor authentication, prompting (non-blue) users to abandon SMS-based 2FA and adopt an authenticator app instead.
The move incentivized dodgy developers to flood the app stores with deceptive 2FA apps designed to get users to pay hefty sums for features offered free of charge by legitimate developers.
Unfortunately, many of these shady apps still plague the iOS App Store, featuring aggressive in-app purchase prompts designed to confuse the user into parting with some coin down the line. Here are some red flags:
In the case of authenticator apps, many legitimate ones actually turn up lower in the query list. So it’s important to take your time and find the ones worth using.
Google and Microsoft offer some of the best authenticator apps on the market. They’re both very straightforward and free to use indefinitely.
Apple offers its own official 2FA solution as part of iCloud Keychain. As an iOS user, you can safely stay in your ecosystem and avoid downloading a separate authenticator app until you absolutely need one.
Other trusted options include Duo Mobile and Okta Verify.
Threat actors can easily compromise online accounts that lack a second layer of authentication, so two-factor authentication has become a must in today’s world.
SMS-based 2FA is better than no 2FA at all. However, bad actors can go to great lengths to intercept your codes using SIM swapping / SIM jacking, so it’s advisable that you use a trusted authenticator app.
When it comes to your security and privacy, only use trusted apps and services.
And, as always, consider deploying a dedicated security solution on your personal devices.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024