A couple of interesting bits of information coming out this week regarding Instagram. The company is finally working on incorporating a token-based two-factor authentication system in its app. This was discovered by an engineer within the app's code and posted on Twitter.
Instagram is finally working on token-based two-factor authentication!! 🎉— Jane Manchun Wong (@wongmjane) July 17, 2018
Thank you Instagram! I have been waiting for this since 2016! We finally won't have to rely our account's security on SMS! 😍 pic.twitter.com/u0iIPTaZO2
Currently, Instagram supports SMS based two-factor authentication, which is better than single factor authentication but still not very secure due to the risk of someone gaining access to your phone number using SIM hacking. This will give them access to all incoming SMS authentication codes.
Token-based authentication is significantly more secure, as it requires physical access to the device that has the app installed that generates the tokens. You can have a free app like Google Authenticator, which will generate new tokens every minute and unless someone has access to the very latest token in addition to the username and password they cannot access your account.
Instagram has come out and confirmed that it is working on the feature but we have no information on when it will be released.
Another new Instagram feature is the ability to remove a follower. If you don't want someone to follow you, you can now simply remove them from your followers list. It's not quite the same as blocking someone as they can still follow you back but merely unfollows you on their behalf. It can be a good way to subtly send a message or just stop someone from seeing everything you post without straight up blocking them.
This feature is currently rolling out to devices and should be already available for some. You can go to your followers list and check if an additional menu is available there for every user in the list.