The MFA Level-Up: Why SMS Codes Are No Longer Enough

For years, enabling Multi-Factor Authentication (MFA) has been a cornerstone of account and device security. While MFA remains essential, the threat landscape has evolved, making some older methods less effective.

The most common form of MFA, four- or six-digit codes sent via SMS, is convenient and familiar, and it’s certainly better than relying on passwords alone. However, SMS is an outdated technology, and cybercriminals have developed reliable ways to bypass it. For organisations handling sensitive data, SMS-based MFA is no longer sufficient. It’s time to adopt the next generation of phishing-resistant MFA to stay ahead of today’s attackers.