Google is set to drop its SMS-based two-factor authentication (2FA) method in the near future, replacing it with a more secure QR code system. This move aims to curb the impact of rampant SMS 2FA abuse, which can be spoofed by criminals or stolen via phishing tactics.
The current SMS-based system uses one-time numerical codes sent via text messages for authentication. However, hackers have found ways to bypass this security measure. In contrast, QR codes are significantly more secure and offer a higher level of protection against unauthorized access.
Google has confirmed its intention to move away from sending SMS messages for authentication, citing concerns over the convenience of these codes coming at the cost of security. According to a spokesperson, Google wants to adopt more advanced authentication methods like passkeys, which provide an additional layer of security.
The new QR code login system is expected to work by providing users with a unique QR code to scan using their phone or other authentication apps. However, details on how this system will function remain unclear. Google has only stated that it plans to implement the change “over the next few months.”
Source: https://www.pcworld.com/article/2617677/gmail-is-killing-sms-based-2fa-login-codes-in-favor-of-this-instead.html