The apparent ease with which SIM hijacking attacks are being perpetrated to get the targets’ second authentication factor for crucial accounts (online banking, cryptocurrency exchange, online wallet) must have raised some doubts about the security of multi-factor authentication (MFA) – and rightly so.
What users need to know and accept is that not all MFA options are equally secure but that, generally, they are all a safer option than using just a password.
“Use of anything beyond the password significantly increases the costs for attackers, which is why the rate of compromise of accounts using any type of MFA is less than 0.1% of the general population,” Alex Weinert, Group Program Manager for the Identity Security and Protection team at Microsoft, explained.
Hardware-bound MFA options, such as smartcards, microsoft takes users reach attacks security
