Why is email based 2fa bad but phone good? There are classes of issues you get through phone 2fa compared to email
Typically, you can also reset password via email, so it's really only one factor. Compromised email = compromised server.
alt Hacker News
Typically, you can also reset password via email, so it's really only one factor. Compromised email = compromised server.