|
|
|
|
|
|
by jkepler
1460 days ago
|
|
|
SMS is bad for 2FA not because it can be spoofed, bit because of SIM-swapping attacks that let the attacker trivially take your 2FA codes from you---gaining access to your protected accounts while you're locked out. NIST recommended against using SMS for this reason in summer 2016. |
|
|