> in my mind you have created a single point of failure for _yourself_. I use Authy for MFA
Since Authy requires an SMS verification for setup, now you’ve made yourself vulnerable to SIM jacking. A better approach would be to use a TOTP generator that doesn’t verify you by SMS.
In general, there’s no point in people dissing SMS OTP as insecure and at the same time adopting a service that uses it.
Since Authy requires an SMS verification for setup, now you’ve made yourself vulnerable to SIM jacking. A better approach would be to use a TOTP generator that doesn’t verify you by SMS.
In general, there’s no point in people dissing SMS OTP as insecure and at the same time adopting a service that uses it.