1. 21

  2. 13

    For sites that still require you use a phone number as part of 2FA, it’s probably best to not use one of the big carriers (which are quite susceptible to social engineering, per the article). Instead, get a number from https://jmp.chat/ or similar, and give the sites that number rather than your cell. This also lets you hide your real number from them.

    I mention https://jmp.chat/ in part because it lets you “login” to your phone number using whatever authentication method you like (since it uses Jabber on the back-end). So you’re free to make your phone number as secure as you want.

    1. 1

      Wow, I have been looking for something like this for ages for authentication.

      1. 1

        Glad I could help!

        Also, I’ve noticed a few people use https://jmp.chat/ for their primary phone number - they just get a cheap data-only (or “tablet”) cell plan, and then use JMP for SMS/MMS/calls on cellular data (or wifi). A nice way to make your phone number more flexible, and secure.