SSMS texts are unsecure and subject to interception and spoofing.
~~~
Sure they are, but do you know what kind of sophisticated op some hackers would need to have in order to hack your email password AND intercept your SMS messages?
If they stole your phone, then they also have access to your authentication App. To me, if you are targeting an individual, it’s probably more feasible to get their device than it is to intercept cellular traffic in between their provider and their device.
I know that this article is talking about individuals who were being targeted inside of critical infrastructure, but that’s not how 99% of most hacks work. They are almost always just hacks/crimes of opportunity, and not sophisticated targeting operations.
Right, I understand. Was just providing a simple answer to the question.
If they stole your phone, then they also have access to your authentication App.
Authentication apps require that you turn on biometric authentication (face, fingerprint, etc).
They sometimes let you fall back to using a PIN, but I don't recommend it.