After an in depth article shared on Motherboard detailed how criminal hackers have been targeting Instagram users with unique usernames to steal their accounts or, in some cases, cryptocurrencies, the social media site has confirmed that it’s fighting back.
Instagram is building a non-SMS 2-factor authentication system that works with security apps like Google Authenticator or Duo. These work by generating a special code that you need to log in. The code can’t be generated on a different phone in case your number has been ported to a hacker’s SIM card.
The system was confirmed to TechCrunch, with evidence already present in its Android application:
But now Instagram has confirmed to TechCrunch that it’s building non-SMS two-factor authentication system that works with security apps like Google Authenticator or Duo. They generate a special code that you need to login that can’t be generated on a different phone in case your number is ported to a hacker’s SIM card.
“We’re continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication.”
Buried in the app’s code is an explainer screen that highlights support for Google Authenticator and Duo, but the feature is not live yet.
Add protection to your account every time you log in on a phone or computer we don’t recognize.
We’ll send a text message with a login code, or you can use a security app of your choice like Google Authenticator or Duo Mobile.
We don’t yet know when this security feature will start to roll out, but once you’ve read the Motherboard article you’ll probably be hoping its sooner rather than later.