Hacker News
by SiVal 2691 days ago
"Switch to a more secure method of 2FA"

What would you suggest? I've heard that using your phone for 2FA is a bad idea several times now, but I'm not hearing suggested alternatives. Clearly your alternatives are limited by what you're offered, but I would still welcome advice for what practical alternatives I should try to use instead of a phone.

2 comments

An app or hardware generating TOTP or HOTP codes is generally considered better than SMS-based authentication, but is susceptible to phishing and requires planning around phone upgrades or backup measures in case of a lost device. Google Authenticator app, YubiKey, or the like.

I'm not claiming this is more secure by any means, but I started using a Google Phone number for 2FA associated with a Google account which uses a hardware token for authentication. My reasoning being that a Google phone number cannot be transferred without logging into the account and releasing the number. So I figured if I used the most secure 2FA method for that account, it would be safer than relying on my telco, which doesn't employ any serious security measures and is likely more susceptible to social engineering than Google.