SMS or Authenticator App? How to Choose the Best Two-Factor Authentication Option

For maximum security, you need to know which option is the best for keeping your account safe and secure.

Two-Factor Authentication (2FA) is an important security measure that’s essential for keeping any account secure. But it’s especially important for you to be informed on the options available to you, and the pros and cons of each, so you can choose what makes the most sense for you. We decided to round up the pros and cons of two popular 2FA methods – SMS and Authenticator App – to help you make your decision.

Pros & cons of using SMS-based 2FA

Pros

  • Easy set-up – Activate it right in your IG account without needing to download another app or take additional steps.
  • Real-time alerts – You’ll know instantly if there’s suspicious activity on your account, so you can take action immediately to protect it.

Cons

  • SIM swaps/duplication – Hackers can call your carrier, report your phone stolen, and request a new SIM be activated on a phone in their possession. Then, all of your calls and texts will go to them instead of you, and they can easily access your account (and any other account, for that matter). 
  • Email – By accessing your email account, hackers can use your email address to request a password change, then change your account settings to replace your info with theirs.
  • Phishing and malware attacks – 2FA codes can be stolen in phishing and malware attacks that give hackers access to your device, where they can access Authenticator and find your codes.

Pros & cons of using Authenticator App

Pros

  • No internet connection necessary – It doesn’t need a network connection to work. It does its job, even if your phone is offline.
  • Self-contained – It functions within the IG app itself, so there’s no way for hackers to hijack 2FA codes and gain access to your account.

Cons

  • See above – Some of the cons mentioned above for SMS-based codes also apply to Authenticator. The difference is in the methods used. There are other ways hackers can remotely access Authenticator on your device, without needing to mess with your SIM card, require you to input the information (as you would in a phishing attack), or be physically present to take the device. There’s also malware that makes it possible to steal codes from Authenticator directly.
  • Repetitive – It doesn’t sync well if you want to use it across multiple devices; you have to set it up on each device individually. And if you get a new phone, you have to re-sync all of your accounts on that device after setup.

So, what’s the verdict?

Your IG account is definitely less likely to get hacked with 2FA enabled. As far as where we stand with these two options, we’re going with the Authenticator App. SMS-based authentication does just that – it sends texts to make sure it’s really you who’s accessing your account.

But when it comes to security, there needs to be more preventative measures in place to keep your account secure. The Authenticator App provides additional features, such as one-time passwords and time-based passwords, that make it that much harder for hackers to access your account. Keep your account safe and enable 2FA with Authenticator App today.

More Reads + Inspiration

Finally, DIY security for all. Learn how to keep your business safe.