When it comes to user security, two-factor authentication, and one-time passwords through OTP are some of the most used and preferred security measures. Not only that, it is used by almost every digital company that exists today. However, Microsoft is asking its users to avoid using telephone-based multi-factor authentication (MFA) solutions like one-time codes sent via SMS and voice calls and instead replace them with newer MFA technologies, like app-based authenticators and security keys.
As per ZDNet, Alex Weinert, Director of Identity Security at Microsoft, the users should start using MFA to secure their online accounts. As per him, there are a lot of security issues with the telephone-based OTP system. Since the OTP is sent through SMS or voice calls, it can easily be intercepted and gained by hackers. Also, the one-time codes are punishable by open source. Since networks are exposed to changing regulation downtime and minor issues, it will have an impact on the availability of the MFA mechanism.
Due to this, Microsoft is now recommending its users to use Microsoft’s Authenticator MFA app which provides them a system key instead of the one-time code. One simply has to use the app and provide the authentication to use the services. As per Microsoft, this method is much more secure and easier for a person to use and will surely safeguard the details of the account in a much better way. Also, since two-factor authentication through telephones has been there for a while, hackers have tried and have been successful to hack it in some instances.