Two factor authentication strikes the right balance between convenience and security, which is why so many services offer it nowadays. But its implementation differs. Many companies have SMS or app-based systems, others prefer tokens, and some offer both as an option. Two factor…
Two factor authentication strikes the right balance between convenience and security, which is why so many services offer it nowadays. But its implementation differs. Many companies have SMS or app-based systems, others prefer tokens, and some offer both as an option.
eBay falls in the third category, allowing users to receive the security code for the second authentication stage via SMS or a token. However, the company is now recommending users switch to the former method, touting its convenience as the main reason to abandon the token. But, should you take the advice?
SMS-based authentication is, indeed, more convenient. Most people have their phone on them, which makes it easy to get the security code when they want to log in. Trouble is, SMS is not a secure medium through which to deliver sensitive information like that. Someone can intercept those messages and gain access to one’s account, assuming they know the password.
Tokens, on the other hand, are more reliable and secure. You can get your security code even in an area without cellular coverage and, because the code is generated on the device, it’s pretty much impossible for someone to see it, unless they have physical access to the token.
Start
United States
USA — software eBay now recommends mobile over token-based two-factor authentication — should you switch?