I’ve been reviewing some of my security choices after the latest LastPass breaches. I see some password managers discouraging SMS-based 2FA in favor of Authenticator-based 2FA. I’m curious to understand how SMS 2FA gets compromised: what does attackers need to do? How easy is it to compromise?
In: 9
SMS messages are not encrypted, meaning other people near you can actually just read your SMS too. And that is just the most obvious security flaw.
Latest Answers