Few days ago it became known that Instagram starts rolling out two-factor authentication. At first, a beta version of 2FA was tested by a small number of selected users. But now two-step authentication becomes available to everyone.

But what is the most surprising about this news is that the popular social network has moved to it so slowly. After all, two-factor authentication has long been an integral part of data protection of all its ‘colleagues’ – Facebook, Twitter, LinkedIn, etc.

Why does Instagram need two-step authentication?

Instagram has many accounts, which bring their owners a lot of money. Often, the income from these accounts can be compared with a full-fledged business. For many celebrities, it is one of the most important channels of communication with their fans. For many companies, Instagram is one of the key platforms for advertising and looking for potential customers. Imagine how upset Taylor Swift will be if her account with more than 67.9 million followers gets hacked.

The accounts with a large number of followers have been hacked more than once. And every time it harmed the owner’s reputation and income. Thus, 2-factor authentication with the help of one-time passwords can be a real way out for those users who have an extreme need for data protection.

How does two-factor authentication on Instagram work?

At this moment, the OTP (one-time passwords) on Instagram are delivered only via SMS. But, frankly speaking, this way of one-time passwords delivery is a thing of the past. Modern two-step authentication technologies offer a much more convenient and reliable way to confirm the user’s rights to log in.

The two-step authentication can be performed either by biometric methods or tokens – one-time password generators. The first method is faster and easier, and the second is much better immune to the influence of random (and non-random) factors. Many people think that tokens are necessarily the separate and expensive devices more suitable for data protection of the bank or office accounts. But there is another kind of tokens that are secure, easy-to-use and free of charge.

The best solution for Instagram, where people usually log in from the smartphones, is a software token, which is installed on the same device.

Many have heard of Google Authenticator, but it is not the only possible type of the software tokens. Protectimus has created an application that surpasses a software OTP token from Google. We are talking about Protectimus Smart application for Android/iOS smartphones.

The benefits of Protectimus Smart OTP token

This application, as well as its hardware ‘brothers’, is PIN-protected. So, even if the smartphone is lost or stolen, the thieves won’t be able to use Protectimus Smart for getting access to the account protected with it. The application can be connected with the Android Wear smartwatch. This facilitates and simplifies the process of one-time passwords generation. Thus, two-step authentication becomes more convenient. The company has thought trough even such details as the visual representation of the generated OTP password. Unlike Google Authenticator and most other software tokens the numbers here are divided into short groups that eases their entry. The application allows using different one-time passwords generation algorithms. Time-based (TOTP), event-based (HOTP), and ‘challenge-response’ (OCRA).

Of course, the service for sharing pictures is not a banking institution. There is no need for strong authentication each time you enter the account. Thus, it is assumed that the Instagram user will have to enter the one-time password only when he logs in his account from a new device.