Instagram began making two-factor authentication available in February 2016 as a way for users to protect their accounts from logins on unknown devices, but the security tactic was only available via text messaging. However, that may be changing soon.
The Facebook-owned photo- and video-sharing network confirmed that it is developing a non-SMS two-factor-authentication system that is compatible with third-party security applications, such as Google Authenticator and Duo, with a spokesperson saying, “We’re continuing to improve the security of Instagram accounts, including strengthening two-factor authentication.”
The new two-factor authentication system generates special codes that users can log in to Instagram with, and those codes cannot be generated on different phones, protecting users whose phone numbers may have been ported to hackers’ SIM cards.
Jane Manchun Wong, a computer science student at the University of Massachusetts Dartmouth, shared screenshots of the feature that she discovered in the Instagram Android app’s code in a tweet, which, in turn, was shared by Josh Constine of TechCrunch.