TikTok’s Multi-Factor Authentication Slip Up

It’s Time for Better Security 

There is no better way to start off Cybersecurity Awareness Month than with a little multi-factor authentication (MFAnews story, so let’s get into it! The ever-popular video sharing app TikTok has a reputation for many things, sadly one of them being that the platform lacks some much-needed security measures. Security professionals have spoken out many times on the importance of implementing multi-factor authentication on social media applications.  

TikTok & Multi-Factor Authentication  

If you are going to add a multi-factor authentication process to your app, you better make sure you do it correctly. This is where TikTok missed the mark. When the company launched the MFA feature, they failed to think of all the possible ways a user could log in to the application. The new MFA process currently only initiates when you are logging in on the mobile app. 

What’s the Problem?  

If a hacker knows the username and password of your account, they can easily login through the TikTok website without any MFA promoting them for verification. 

What Is MFA?  

The most common method in today’s world to protect systems in addition to a password is multi-factor authentication. Multi-factor authentication, sometimes called MFA, follows what you know (your password) and what you have (device or token) methodology. The device can be a mobile phone, a landline phone, a portable token (USB), or a smart card (chip). 

A password can be used virtually from anywhere in the world, so where’s the proof that the password is being entered by you? This is why multi-factor authentication has a physical component to it. MFA works only after your unique secondary password is entered correctly, sent to the device of your choosing. 

How Can I Protect My TikTok Account Right Now? 

Tiktok has come forward stating that they will be fixing this security problem soon. However, there is something you can do in the meantime to stay secure. Ensure you are using a strong password for your account, and make sure you are not using that password on any other account you have. If you are currently using your password on multiple accounts, changing your password is highly recommended. For more information on how to create strong passwords, click here. 

For more IT news, blogs, and industry insights throughout the week, follow us on FacebookTwitterLinkedIn, and Instagram. 



10 Signs Your IT Support
is Reactive, Not Proactive

Download our exclusive eBook to learn how your business can benefit from proactive IT support.