FBI Warns Against Using SMS for Two-Factor Authentication

Do you use text messages for multi-factor authentication (MFA)? If so, it’s time to switch to a more secure method—especially in light of a recent network breach.

It’s highly recommended to receive MFA codes through an app like Google Authenticator or Authy, or by using a physical security key. Whenever possible, hardware-based FIDO security keys—such as those from Yubico or Google Titan—provide the highest level of protection. FIDO passkeys are also an effective alternative.

Additionally, both the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) advise against sending text messages between Android and Apple devices. While messages sent within the same platform (e.g., iPhone to iPhone or Android to Android) are generally secure, cross-platform messaging lacks equivalent protections.

For secure communication, it’s best to use an end-to-end encrypted messaging app like Signal or WhatsApp. These apps also encrypt voice calls, adding another layer of security.

Other recommendations include locking phones, SIM cards, and carrier services (such as voicemail) with a PIN wherever possible.

CISA has released a comprehensive list of security best practices for smartphone users, including specific tips for both iPhone and Android owners. You can download it at the link below:

https://www.cisa.gov/sites/default/files/2024-12/guidance-mobile-communications-best-practices.pdf
