After quietly working on the product for months, Instagram has officially rolled out support for third-party authentication apps like Google’s Authenticator or Duo Mobile on Android. (The feature first landed on iOS in a few weeks ago, with Android coming at a later date.) These authenticator apps can be used instead of an SMS text for two-factor authentication.
To turn it on — which you should because SMS is notoriously vulnerable now — go to the hamburger menu on your profile, tap into settings, scroll to two-factor authentication, and either tap “get started” or toggle on the authentication app. It’ll then automatically detect whatever app you use and walk you through the setup process. The company already allowed for phone number authentication, and iOS users have had access to third-party verification for months.
Again, you should turn on this feature. SIM hacking is proven to be a real thing where attackers essentially take over your phone number to intercept your two-factor SMS messages. With that access, they can verify account logins and take over. So yes, take advantage of third-party verification wherever possible.