Facebook is the last place you want to lose control of an account? Really?

Since when did a OTP (One Time Password) qualify as 2FA? It's like kissing your sister. That type of crap is for show and doesn't help much. Do we think it's difficult to intercept SMS texts or plain text emails? Try using personal certificates most anywhere on the web and see how well that works. IT doesn't. The mechanics might be similar but it's just NOT the same.

Two-Factor Authentication: Who Has It? This article ignores the fact that many banks are now using 2FA in verifying identity before permitting on-line transactions. And if you are traveling outside of the US, you may not necessarily receive security codes as some banks require a US post-paid mobile number to receive the code. Imagine traveling on business and finding out that you cannot transfer funds, pay bills or engage in transactions unless you travel back to the States? A lot of digital nomads are pretty upset by these new rules.