HOW did the CEO of Twitter's account get hacked? Don't y'all have people for that? An oh shit button? 2FA? Something?
36
55
5
551
Something that can't be taken away from me without my knowledge. So, yubikey, TOTP, or even push notification, etc.
1
2
If SMS is purely for 2FA then yes. but quite often adding SMS 2FA also lets you use SMS for account recovery, and that is worse than having no 2FA.
Aug 31, 2019 路 2:21 PM UTC
1
1



