Cybersecurity Experts Warn Bank Users Off Text Codes, Urge 2 Stronger Login Options
Updated
Updated · Fox News · May 27
Cybersecurity Experts Warn Bank Users Off Text Codes, Urge 2 Stronger Login Options
2 articles · Updated · Fox News · May 27
Text-message bank codes still add protection over passwords alone, but experts say they remain vulnerable to SIM-swap attacks and phishing that can hand criminals access to accounts.
Authenticator apps generate changing 6-digit codes on the device itself, cutting reliance on a phone number and reducing one of the biggest weaknesses of SMS-based verification.
Passkeys and hardware security keys offer stronger protection still because they are tied to the real site or app, making them far harder to steal through fake banking pages.
Customers should check security settings in their bank's official app or website, keep SMS enabled if no better option exists, and never read a login code to unsolicited callers, texts or emails.
If a bank only supports text codes, experts advise adding carrier port-out PINs, using unique passwords, saving backup codes and turning on alerts for transfers, password changes and new-device logins.
Passkeys promise unhackable banking. What is the next security loophole that cybercriminals will inevitably exploit?
SIM swap scams have surged over 1,000%. Why does the security burden still fall entirely on the customer?