If you or your employees access protected information with authentication codes sent to a cell phone, you might want to rethink your plan. Two-factor authentication (2FA) using text messages can fall prey to phone authentication scams.
That’s not to say 2FA itself is a problem. You should keep using it, and many groups have turned to it to prevent threat actors from using stolen account credentials. Malicious actors may still try to grab authorized users’ credentials for their own purposes. In fact, the unauthorized use of credentials accounted for 29% of all attacks in 2019, X-Force IRIS observed.