Security researcher finds unsecured database leaking 2FA codes online picture alliance via Getty ImagesSecurity experts advise against using SMS messages for two-factor authentication codes due to their vulnerability to interception or compromise. The Sensitive SMS Database Was Left Unprotected OnlineThe internal database, discovered by security researcher Anurag Sen, was left unprotected without a password despite being internet-facing. Information including password reset links and 2FA codes for companies such as Google, WhatsApp, Facebook and TikTok. From the perspective of the 2FA codes I would have to say not very much. Does This Mean You Shouldn’t Use SMS For 2FA Security Codes?

Source: Forbes March 07, 2024 00:23 UTC