
Microsoft urges users to stop using phone-based multi-factor authentication

A company executive says app-based authentication is more secure

A Microsoft executive is urging users to move away from phone-based multi-factor authentication (MFA) mechanisms and instead embrace newer security technologies, like app-based authenticators and security keys.

In a blog post, Alex Weinert, Director of Identity Security at Microsoft, said app-based two-factor authentication provides greater security.

Weinert said telephone-based multi-factor authentication (MFA) solutions -- like one-time codes sent via SMS and voice calls -- are “based on publicly switched telephone networks (PSTN), and I believe they’re the least secure of the MFA methods available today.” 

“That gap will only widen as MFA adoption increases attackers’ interest in breaking these methods and purpose-built authenticators extend their security and usability advantages,” he said. “Plan your move to passwordless strong auth now – the authenticator app provides an immediate and evolving option.” 

MFA is ‘essential’

In 2019, Weinert penned a blog post in which he said that internal Microsoft statistics showed that users who enabled MFA blocked around 99.9 percent of automated attacks against their Microsoft accounts. 

In a follow-up blog post earlier this week, he stressed that MFA itself is essential -- but the way people use it should change. If users have to choose between multiple MFA mechanisms, he said, they should avoid phone-based MFA, which can be intercepted by attackers.

Weinert said a good place to start is by using Microsoft’s Authenticator MFA app. For even greater security, hardware security keys can be used. 
