|
|
|
|
|
|
by HugoHobling
2474 days ago
|
|
|
I don't think it's that simple. From Google's research, SMS 2FA is highly effective against credential stuffing attacks: 100% coverage against automated bots and 96% against bulk phishing: https://security.googleblog.com/2019/05/new-research-how-eff... SMS 2FA can fail, spectacularly, for targeted attacks. TOTP would not solve this, only U2F/webauthn. |
|
|