Two-Factor Authentication Might Not Keep You Safe

The online security “best practice” is still vulnerable to phishing attacks

New York Times Opinion
Jan 28 · 5 min read
Illustration: IkonStudio/Getty Images

By Josephine Wolff

Here’s how two-factor authentication is supposed to work: You log in to your bank account or email inbox, and after correctly entering your password, you are prompted to confirm the login through an app on your…

This story is just a click away.

Sign up for a free Medium account to read this story from New York Times Opinion. Plus, get one more story in your member preview this month.
Already have an account? Sign in

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade