|
|
|
|
|
|
by ezfe
852 days ago
|
|
|
SMS 2FA is a code that you're entering from a phone number. The "risk" is that your phone number can be ported without your permission, and then someone else can get the code. TOTP is more secure because it isn't tied to a phone number. You're right that it's still phishable but that's not the point. In both cases, the primary benefit to the general population is to have a rotating credential that, if one website is hacked, is useless on another website. |
|
|