NIST: SMS two-factor is dead! If you're a US agency
Any service provider to the US government that relies on SMS for two-factor authentication may need to swap the method for something with fewer design weaknesses.
Any service provider to the US government that relies on SMS for two-factor authentication may need to swap the method for something with fewer design weaknesses.