Facebook-owned Instagram is working on a non-SMS, two-factor authentication system that would work with security apps like Google Authenticator and generate a special login code in case of theft or hacking.
"We're continuing to improve the security of Instagram accounts, including strengthening 2-factor authentication," TechCrunch quoted an Instagram spokesperson as saying.
A prototype version of the updated two-factor feature in the Android version of Instagram's Android application package (APK) code was discovered and tweeted about by an engineer named Jane Manchun Wong.
Tech companies like Google and Facebook have already built tools to protect against the vulnerability of SMS-based two-factor authentication.
Google has its Authenticator app that uses randomly generated numeric code with a strict time limit and Facebook now uses a similar tool built into the Facebook app itself.
The photo-messaging app lacked any two-factor protection until 2016 when it already had 400 million users.
Later that year, the company started rolling out two-factor authentication.