Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

Why not 2FA via SMS?

  • 1 èsì
  • 1 ní ìṣòro yìí
  • 1 view
  • Èsì tí ó kẹ́hìn lọ́wọ́ Wesley Branton

adblockfreak
adblockfreak
more options

Why can't 2-step authentication (for my Firefox Account) be done via SMS instead of requiring me to download another app? Isn't that how most other web apps handle it?

Why can't 2-step authentication (for my Firefox Account) be done via SMS instead of requiring me to download another app? Isn't that how most other web apps handle it?

Ọ̀nà àbáyọ tí a yàn

Originally two factor authentication was done via an SMS message with a code (not specifically by Mozilla, but in general). The reason that most companies are transitioning to using two factor authentication apps instead is for security.

As it turns out, it's fairly easy to hijack SMS text messages, which would make it easy for an attacker to gain access to your account, even though it's protected with two factor authentication.

Authentication apps don't suffer from this security flaw and since the majority of mobile devices are smart devices, it's usually not a big deal.

Another good thing about using an authentication app instead of SMS is that you can use a variety of devices, not just those that have a SIM card. It also allows you to use multiple different devices to authenticate your account. For example, if you don't have access to your smartphone, you can unlock your account with a computer if you have an authentication app setup on there.

Ka ìdáhùn ni ìṣètò kíkà 👍 0

All Replies (1)

Wesley Branton
Wesley Branton
more options

Ọ̀nà àbáyọ Tí a Yàn

Originally two factor authentication was done via an SMS message with a code (not specifically by Mozilla, but in general). The reason that most companies are transitioning to using two factor authentication apps instead is for security.

As it turns out, it's fairly easy to hijack SMS text messages, which would make it easy for an attacker to gain access to your account, even though it's protected with two factor authentication.

Authentication apps don't suffer from this security flaw and since the majority of mobile devices are smart devices, it's usually not a big deal.

Another good thing about using an authentication app instead of SMS is that you can use a variety of devices, not just those that have a SIM card. It also allows you to use multiple different devices to authenticate your account. For example, if you don't have access to your smartphone, you can unlock your account with a computer if you have an authentication app setup on there.