Hacker News new | past | comments | ask | show | jobs | submit login

My bank uses SMS based 2FA. I'll send them this link and reiterate they should support U2F, or at least TOTP supported by Google Authenticator.

If SMS is problematic for 2FA, why isn't it problematic for account recovery?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact