2FA without SMS?

Hello,

I’m surprised Swisscom only offers SMS as 2FA. Not only they don’t give an alternative, but in the help site they say the following:

iyanmv_0-1729537372049.png

For security reasons?! Okay, that is terrible. SMS as 2FA is known to be the weakest form of 2FA. It offers almost no additional protection compared to not having 2FA in the first place.

Why not add, like many other providers and websites, support for hardware tokens and HOTP/TOTP?

This post is in English

Hi @iyanmv

100% agree with you, TOTP would solve plenty of issues (like multi-people access etc.)

Sadly, it looks like this is not a priority for Swisscom, as we have been asking for it for quite some time now.

Some say it’s because Swisscom wants to push Mobile-ID, but that is pure speculation.

Best,

r00t

This post is in English

4b 65 69 6e 65 20 4d 61 63 68 74 20 64 65 72 20 6c 65 67 61 63 79 20 49 50 21