Quote:
Originally Posted by kq76
I'd love to get eriq's take on this too, and anyone else who's more knowledgeable than myself on this.
|
SIM swapping AFAIK only allows for the bad actors to intercept your text messages. It's been long known that MFA via text messaging is the least secure form of MFA out there for just this reason.
Dedicated MFA apps like Google Authenticator, Microsoft Authenticator, and the like are inherently better because they rely on the user having the physical device itself for a TOTP (Time-based One Time Password) rather than just sending out a text message.