Two-factor authentication (2FA) is a great security measure, but far too many companies use this method as default, and hackers know it. That’s why they target users’ 2FA codes to commit fraud and steal access to Google accounts. Now, things are changing. Google is the latest company to switch from SMS codes to QR codes. That’s a good thing, even if it changes how you sign in to your Google account. The problem is that hackers don’t need physical access to your phone to intercept your SMS codes. They can do it while sitting in another part of the globe. Using QR codes does require physical access to your phone, which means unless someone has stolen your phone, they can’t get your information. When users log in on a new device, they'll be prompted with a QR code that they can scan using their smartphone to authenticate. Using a QR code for verification stops phishing attacks, as there's no code to share. Because the QR code scanning is happening in person, between two devices in proximity, there are no carrier codes involved or online servers. There’s no timeline for the switch just yet, but Google plans on rolling out the feature in the near future, so get ready.
