“One of the options available when using Apple’s two-factor authentication (2FA) is to have a code sent to you via SMS,” Ben Lovejoy reports for 9to5Mac. “The US National Institute for Standards and Technology, which sets the standards for authentication software, says that text messaging is not sufficiently secure, and that its use for two-factor authentication will in future be barred.”

“While NIST guidelines do not have the power of law, most major companies do abide by them, suggesting that Apple is likely to drop support for SMS authentication once the recommendation is published,” Lovejoy reports. “If you’re not already using two-factor authentication, it is highly recommended: check out our how-to guide.”

Read more in the full article here.

“The measure is being enforced because SMS is relatively insecure. The phone may not be in the original owner’s possession, for example, or the SMS may be hijacked by a VoIP service, Softpedia notes,” Michelle Starr reports for CNET. “The relevant paragraph of the draft reads: ‘[Out of band verification] using SMS is deprecated, and will no longer be allowed in future releases of this guidance.'”

Starr reports, “However, the draft also notes that two-factor authentication via a secure application or biometrics, such as a fingerprint scanner, may still be used.”

Read more in the full article here.

MacDailyNews Take: 2FA vis SMS should have gone the way of the dodo already.