Background

Let us quickly cover how 2FA works.

As well as what it has going for it.

And, also some of its not so good.

Set Up

To set up 2FA, you register a phone number and choose verification method.

Currently Supported Verification Methods includes:-

To log into your account, you will do the following

Let us go over why you may choose text option.

Or on the other hand, why App option may be more secure.

Works Offline
- Cellular Data can be off
Ease of use
Minimum Requirement
- Any phone that supports SIM Card
Additional Hardware or Software
- No additional hardware or software is required
Phone OS Version Support
- Phone OS does not have to be on a modern version

Lifetime
- One time passwords are usable for a few minutes
SIM
- SIM Card Switchable
  - A SIM Card can be easily removed from your phone and placed in a new phone
  - The new phone will be able to receive incoming text messages directed at the registered phone number
- SIM Swapping attack
  - Someone other you can contact your carrier and have them switch your phone number to a SIM Card
- SIM Duplication attack
  - Software is available that will duplicate a SIM Card
Signaling System 7 ( SS7 )
- Eavesdrop
  - An attacker can exploit current vulnerability with SS7 and listen on your text messages
Rerouting
- SMS Messages can be rerouted to other devices
Malware attacks
- In the event that malware attacks have been installed on your phone, those malwares may have access to your text messages
Lost Access
- Unfortunately, loss of your phone will impact your access to your account
Phone Number Changes
- Whenever your change your phone number, you will have to change your phone across the board, as well
- It is advisable that you keep both phone numbers for a while as you access each site and change your phone

Rublon
- What Is SMS 2FA? Text Message Authentication Explained
  Link
CNET
- Do you use SMS for two-factor authentication? Here’s why you shouldn’t
  Link