I fully agree with you on the theoretical reasons why SMS-based MFA is bad and should stop being used at some point.
In the meantime, try explaining a random user how to setup and use a TOTP for your application, I wish you good luck.
Once every business is able to enable TOTP-based MFA for their applications, it'll be a great day for cyber and my side project will cease existing ¯\_(ツ)_/¯.
In the meantime, try explaining a random user how to setup and use a TOTP for your application, I wish you good luck.
Once every business is able to enable TOTP-based MFA for their applications, it'll be a great day for cyber and my side project will cease existing ¯\_(ツ)_/¯.