> That is one of the nice things about SMS 2-factor auth, the backup authentication method (lost phone) is on the wireless company instead of you.
This is one of the terrible things about SMS 2-factor auth! In exchange for having them be able to replace your phone (so your 2FA works again) you're giving them the ability to spoof you at any given time. From a company's perspective it might be better (don't have to deal with "I lost my ...") but it's a terrible trade off for users.
This is one of the terrible things about SMS 2-factor auth! In exchange for having them be able to replace your phone (so your 2FA works again) you're giving them the ability to spoof you at any given time. From a company's perspective it might be better (don't have to deal with "I lost my ...") but it's a terrible trade off for users.