The recent lawsuit against Coinbase has sparked a conversation within the crypto community about the security of SMS two-factor authentication (SMS 2FA).
Most community members are generally doubtful that the lawsuit will be successful. However, it highlights the vulnerabilities of SMS 2FA and the need for more robust security measures.
Is Coinbase Responsible?
A Coinbase customer filed a lawsuit claiming to have lost 90% of his life savings after falling prey to SIM swapping. That method enables fraudsters to gain control of a phone number and bypass any SMS 2FA on an account. In addition, the thieves allegedly confirmed the withdrawal of $96,000 from the customer’s Coinbase account after gaining control of his phone number.
Coinbase denied responsibility for the hack and stressed that customers are responsible for the security of their accounts. That includes their email, passwords, 2FA codes, and devices. The exchange also encourages using authenticator apps for 2FA, which it describes as a more secure option than SMS.
Crypto community members have expressed skepticism about the lawsuit’s chances of success. They also pointed out that SMS 2FA is the least secure form of authentication. Some have even suggested that this authentication method should be banned altogether.
Blockchain security firm CertiK has warned about the dangers of SMS 2FA and highlighted its vulnerabilities. According to CertiK’s security expert Jesse Leclere, SMS verification is better than nothing but is currently the most vulnerable form of 2FA.
Ditch SMS 2FA For Online Accounts
Leclere recommends using dedicated authenticator apps like Google Authenticator or Duo. These tools offer nearly all the convenience of SMS two-factor authentication while removing the risk of SIM swapping.
However, some Reddit users have pointed out that phone authenticator apps can also make that device a single point of failure and recommended using separate hardware authentication devices for added security.
The outcome of the Coinbase lawsuit remains uncertain. However, it has raised important questions about the security of 2FA via SMS and the need for stronger security measures to protect cryptocurrency accounts.
Authenticator apps and hardware authentication devices offer more secure options for 2FA. Therefore, they should be considered by anyone looking to secure their accounts.
None of the information on this website is investment or financial advice and does not necessarily reflect the views of CryptoMode or the author. CryptoMode is not responsible for any financial losses sustained by acting on information provided on this website by its authors or clients. Always conduct your research before making financial commitments, especially with third-party reviews, presales, and other opportunities.