Back in March last year, Instagram added the 2-Factor-Authentication feature to help users secure their accounts against potential breach of credentials. But, just like any other SMS-based authenticator, Instagram’s 2FA is prone to sabotage in case you lose your phone or your SIM card gets hacked.

As a solution to this, Instagram has revealed to TechCrunch that it is working on a two-factor authentication system which relies on security apps such as Duo and Google Authenticator instead of SMS-based verification codes. This means that a temporary security key or token is generated independently of the mobile number which prevents SIM hackers from getting to your Instagram.

While Instagram did not share further information about the feature (there isn’t a lot to be revealed, either), Tipster Jane Manchun Wong fetched a prototype of the feature by tearing down the latest APK. Based on the screenshots shared by Wong, the app will give users the option to even toggle both – SMS authentication and token-based key – on simultaneously. But, it would be in the best interest of users to rely on the latter.

SMS-based authentication codes are imperative to verification on not just social media apps and e-mail inboxes but also important for financial transactions. But a recent story by VICE’s Motherboard shows the ease of stealing mobile numbers from government repository like social security databases and then tricking a telecom operator into reassigning the mobile number to a phony SIM card.

Motherboard also reports that hackers are specifically aiming at Instagram and Twitter accounts because these can be sold for great financial gains. Instagram’s parent company Facebook recently rolled out a 2FA which works with authenticator apps instead of relying on SMS and it is a great move to see Instagram following in its footsteps to uphold the privacy of users and thwarting hackers and other miscreants.