So, the security of your SMS messages relies on the security of those networks, or lack thereof. When it comes to SMS messages, including one-time passcodes, iMessage is no more secure than any other SMS platform. Similarly, Apple and Google’s new initiative to collaborate on standard formatting and domain-specific codes does nothing to strengthen SMS security, albeit it will address the increasing risk of SMS phishing. So, for someone who has used ‘Summer1’ as their only password for years, enabling SMS 2FA is huge progress. Look for progress and not perfection.”So, yes, you should stop using SMS security codes for two-step verification—but, unfortunately, you can’t.

Source: Forbes October 11, 2020 09:22 UTC