Security News > 2016 > August > NIST is No Longer Recommending Two-Factor Authentication Using SMS (Schneier on Security)

NIST is no longer recommending two-factor authentication systems that use SMS, because of their many insecurities. In the latest draft of its Digital Authentication Guideline, there's the line: [Out of band verification] using SMS is deprecated, and will no longer be allowed in future releases of this guidance....

News URL

https://www.schneier.com/blog/archives/2016/08/nist_is_no_long.html