Multifactor authentication has been a revelation in the defence against hackers and cyber criminals. By no means a magic bullet, it is still a critical defence from attempts to illegally access information from individuals and businesses alike.
However, there is a recent exploit which has seen cyber criminals finding a way to still gain access to your information.
For most of us, we have got used to using authenticator apps such as Microsoft Authenticator to access accounts which require MFA. Some accounts work differently, using a mobile number to text you a one-time password. This is the root of the vulnerability.
You might be asking ‘why is this a problem?’. It’s because when the OTP (One time passwords) are issued via SMS, they can be intercepted by criminals. If they already have your login credentials, then all that they are missing is the text message with the one time password which grants them access to your account.
Getting your OTP from authenticator apps is a much harder problem for cyber criminals to crack.
Affinity recommends using an Authenticator app where you can. Only use the text message alternative as a last resort. This will help your business to continue operating safely and securely.