• cooopsspace@infosec.pub
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    8 months ago

    SMS: Here is your 30s “MFA” code, I’ll send it to you 40 minutes after you need it.

    SMS isn’t 2FA. Its 1.5FA.

    • KairuByte@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      8 months ago

      SMS isn’t even secure. Mitm, social engineering, straight up theft, and more are all ways around it. It should never have been implemented, but especially not when totp exists.