Cybersecurity | October 1, 2020

TikTok’s Multi-Factor Authentication Slip Up

Itā€™s Time for Better SecurityĀ 

There is no better way to start off Cybersecurity Awareness Month than with a littleĀ multi-factor authentication (MFA)Ā newsĀ story, so letā€™s get into it!Ā The ever-popular video sharing appĀ TikTokĀ has a reputation for many things, sadly one of them being that the platform lacks some much-needed security measures. Security professionals have spoken out many times on the importance of implementingĀ multi-factor authenticationĀ on social media applications.Ā Ā 

TikTokĀ & Multi-Factor AuthenticationĀ Ā 

If you are going to add a multi-factor authentication process to your app, you better make sure you do it correctly. This is whereĀ TikTokĀ missed the mark.Ā WhenĀ the company launched the MFA feature, they failed to think of all the possible ways a user could log in to the application. The new MFAĀ process currently only initiates when you are logging in on the mobile app.Ā 

Whatā€™s the Problem?Ā Ā 

If a hacker knows the username and password of your account, they can easily login through theĀ TikTokĀ website without any MFA promoting them for verification.Ā 

What Is MFA?Ā Ā 

The most common method in todayā€™s world to protect systems in addition to a password is multi-factor authentication. Multi-factor authentication, sometimes called MFA, follows what you know (your password) and what you have (device or token) methodology.Ā The device can be a mobile phone, a landline phone, a portable token (USB),Ā or a smart card (chip).Ā 

A password can be used virtually from anywhere in the world, so whereā€™s the proof that the password is being entered by you?Ā This is whyĀ multi-factor authenticationĀ has a physical component to it. MFA works only after yourĀ unique secondaryĀ password is entered correctly, sent to the device of yourĀ choosing.Ā 

How Can I Protect MyĀ TikTokĀ Account Right Now?Ā 

Tiktok has come forward stating that they will be fixing this security problem soon. However, there is something you can do in the meantime to stay secure. Ensure you are using a strong password for your account, and make sure you are not using that password on any other account you have. If you are currently using your password on multiple accounts, changing your password is highly recommended. For more informationĀ on how to create strong passwords, click here.Ā 

For more IT news, blogs, and industry insights throughout the week, follow us onĀ Facebook,Ā Twitter,Ā LinkedIn,Ā andĀ Instagram.Ā 

Ā 

Search: