Should exchanges start using the U2F authentication model instead of 2FA?


After Google announced the withdrawal of support for its two-factor authentication (2FA) application and will begin to use a security key device with a multi-factor authentication system or Universal 2nd Factor (U2F), none of the more than 85,000 employees in the company has been affected by phishing attacks. This decision was made in view of the increase in attacks reported and documented since 2013, having tripled since then to date.

Fishing is currently one of the most common forms used by hackers to steal passwords and any other type of private data belonging to users on the network, and unfortunately the two-factor authentication method has also been targeted by the technique.

Previously, Google Authenticator was raised as an improvement to the text messages used to perform second factor authentication, since these could be seriously compromised and easily intercepted by attackers, to then access the accounts of users.

Both Google Authenticator and Authy, the other most popular option in the industry for the verification process, were subsequently transformed into the second generation of 2FA in order to correct the shortcomings of the text messages that contained the security codes for the start of session.

For the previous cases, it is necessary that users make use of unique and random codes, generated every so often by a web or mobile application through a specialized algorithm. However, the mechanism also has its security breaches by leaving attack options available, with false emails and websites being the most used to perpetrate them. This way the hackers will get the codes to enter the real accounts.

Did you like this article? Don’t forget to follow @Braziocoin on instagram to stay up to date with all the news of the cryptoworld.

Check out for more info.