Add support for MFA app. Using an app is more secure and faster than an SMS code.

Why SMS-based MFA is insecure

While better than no MFA, SMS is no longer a robust security method. It is highly susceptible to attack because:

SIM swapping:
This is a common and dangerous method where attackers convince a mobile carrier to transfer your phone number to a new SIM card they control. They can then receive your MFA codes and gain access to your accounts.

Lack of encryption:
SMS messages are not encrypted and can be intercepted by hackers with access to a telecommunications provider's network.
Phishing attacks: Attackers can use social engineering via email or text (smishing) to trick users into entering their MFA code on a fraudulent website.

Vulnerable signaling protocol (SS7):
The global telecommunications protocol used to route text messages has known weaknesses that allow for interception.

THanks!!