Ah, gotcha. Those are one-time passwords. Same acronym, so it’s easy to confuse them.
But yeah, I agree that everything should use (T)OTP for two-factor authentication, instead of SMS messages. The later mainly provides a false sense of security and presents only a minor hurdle for attackers to overcome.
OTP 2FA Codes are one time pads
Ah, gotcha. Those are one-time passwords. Same acronym, so it’s easy to confuse them.
But yeah, I agree that everything should use (T)OTP for two-factor authentication, instead of SMS messages. The later mainly provides a false sense of security and presents only a minor hurdle for attackers to overcome.