[huanwin]

For 2FA specifically, SMS is weak because of its vulnerability to SIM swap attacks[0]. There's been a few reported incidents where attackers stole cryptocurrency from accounts protected by SMS 2FA[1].

[0]: https://en.wikipedia.org/wiki/SIM_swap_scam

[1]: https://btcmanager.com/sim-swap-attacks-amplify-companies-re...