I’ve made the argument before and continue to stand by it. SMS as an MFA factor will always be a weak second factor. It’s not really “something you have”. It’s just a time limited second password. This is fine for low security applications. But, if you need higher security, go to smartcard, yubukey or something that must be physically present.
I’ve made the argument before and continue to stand by it. SMS as an MFA factor will always be a weak second factor. It’s not really “something you have”. It’s just a time limited second password. This is fine for low security applications. But, if you need higher security, go to smartcard, yubukey or something that must be physically present.