LastPass’s free authentication app uses a feature called one-tap push notifications that lets you log in to select sites on PCs with a click instead of entering codes. LastPass Authenticator: Runner up LastPass One notable exception is Steam, which provides a homegrown 2FA option in its mobile app. Software optionsĪny service that supports the standard OTP 2FA approach will work with all of the apps below, and that includes most mainstream websites and services. The fact is, using a software- or hardware-based 2FA solution on a device you own is a great way to protect your account, and far better than simply using SMS. So while this study didn’t mention 2FA apps specifically, we expect the results would be the same as, if not better than, an on-device prompt. App-based two-factor authentication is similar in that the second step is generated on the smartphone itself. That’s not bad protection, but Google’s on-device prompt strategy (we’ll cover this later) was even better, blocking 99 percent of bulk phishing attacks, and 90 percent of targeted attacks.
The trio found that SMS authentication blocked 96 percent of bulk phishing attacks, and 76 percent of targeted attacks trying to crack into your Google account. In May 2019, Google announced a one-year study it did in partnership with New York University and the University of California, San Diego. That said, SMS authentication is still far better than nothing. If you decide to get your 2FA codes via SMS, for example, the code could potentially be intercepted by hackers, as researchers for Positive Technologies demonstrated in 2017.
0 kommentar(er)
