Instagram will upgrade two-factor authentication to guard against SIM hacking

Hackers can steal your phone number by reassigning it to a different SIM card, use it to reset your passwords, but now Instagram has confirmed to TechCrunch that it’s building non-SMS two-factor authentication system that works with security apps like Google Authenticator or Duo.

Instagram has confirmed that it’s working on the more secure method, just hours after a prominent Motherboard investigation on SIM hacking was published earlier today. They generate a special code that you need to log in that can’t be generated on a different phone in case your number is ported to a hacker’s SIM card.

The social media platform will supposedly let you authenticate with code-generating apps like Google Authenticator. It appears the company has been working on this feature for some time as Engineer Jane Manchun Wong discovered a prototype version of the updated two-factor authentication within an Instagram’s Android APK.

Once hackers have control of your phone number, they can use it to extort a victim for financial gain or even use it to recover benefits from other online accounts.


Many technology companies, like Facebook and Google, have built solutions which protect against vulnerabilities introduced with SMS-based two-factor authentication.

Instagram is finally working on token-based two-factor authentication!


This shows that Instagram never stops updating its application since the time it was made and the day today. Instagram has changed a lot. It has become a more secure app for everyone. It’s still becoming better day by day being in competition with the hackers and data stealers.