Two-factor authentication is one of the most important ways to protect your accounts. However, recently some authentication methods like SMS have come under fire for being vulnerable to hackers, which defeats the point of “something you know and something you have.” We decided to look at the most common methods and rank them by how secure they really are.
While we talk about two-factor authentication (or 2FA) as though it were a single feature, it actually comes in a variety of flavors including SMS codes, email codes, authenticator apps for your phone, or even a hardware key. If you use SMS right now, don’t panic. Any form of 2FA is better than having none. Don’t disable 2FA just to avoid using SMS.