Any 2FA that sends you an authentication code though SMS is masturbation. That "secret" code is getting broadcasted over the air in cleartext. Time-based OTP is the only reasonable solution.
If you're willing enough to intercept my text messenger data and hack my system to know my login credentials and password before doing it, I'll just let you into my mcdonalds rewards account myself.
Any 2FA that sends you an authentication code though SMS is masturbation. That "secret" code is getting broadcasted over the air in cleartext. Time-based OTP is the only reasonable solution.
If you're willing enough to intercept my text messenger data and hack my system to know my login credentials and password before doing it, I'll just let you into my mcdonalds rewards account myself.