Why am I being asked to change my second-factor method?
If you are being prompted to upgrade your second-factor security, this is because your current second-factor method may rely on SMS, or otherwise depend on telephone service.
The popularity of phone porting attacks
is on the rise, and the best way to separate your security from them is to use 2FA methods that do not send tokens by SMS, or allow backing up to an SMS-secured system. Attackers are increasingly sophisticated, and often a phone number is the easiest target for them.
We recommend using one of the following authenticator solutions:
- Google Authenticator
- Microsoft Authenticator
Some services that do not SMS tokens to you may still allow SMS as a backup option, and are not secure in that case.