Authenticator tokens are absolutely passe right now, there probably is single-digit percentages of people who don’t have at least one Authenticator code on their phone.
And for the handful of people who just don’t have a phone… RSA/Duo tokens exist for a reason.
SMS allows a whole class of additional attacks, it’s a terrible system and should be removed.
And for the handful of people who just don’t have a phone… RSA/Duo tokens exist for a reason.
SMS allows a whole class of additional attacks, it’s a terrible system and should be removed.