Instagram Is Testing Two-Factor Authentication That Doesn’t Rely on Text Messages

The feature protects users whose phone numbers may have been compromised

Instagram is developing a non-SMS two-factor-authentication system - Credit by nicescene/iStock
Headshot of David Cohen

Instagram began making two-factor authentication available in February 2016 as a way for users to protect their accounts from logins on unknown devices, but the security tactic was only available via text messaging. However, that may be changing soon.

The Facebook-owned photo- and video-sharing network confirmed that it is developing a non-SMS two-factor-authentication system that is compatible with third-party security applications, such as Google Authenticator and Duo, with a spokesperson saying, “We’re continuing to improve the security of Instagram accounts, including strengthening two-factor authentication.”

The new two-factor authentication system generates special codes that users can log in to Instagram with, and those codes cannot be generated on different phones, protecting users whose phone numbers may have been ported to hackers’ SIM cards.

Jane Manchun Wong, a computer science student at the University of Massachusetts Dartmouth, shared screenshots of the feature that she discovered in the Instagram Android app’s code in a tweet, which, in turn, was shared by Josh Constine of TechCrunch.


david.cohen@adweek.com David Cohen is editor of Adweek's Social Pro Daily.
Publish date: July 18, 2018 https://dev.adweek.com/digital/instagram-is-testing-two-factor-authentication-that-doesnt-rely-on-text-messages/ © 2020 Adweek, LLC. - All Rights Reserved and NOT FOR REPRINT