The question isn't whether it's secure. Complete security is a work of fiction anyway. The real question is whether it's significantly more secure.
As of today, probably 3/4 or more of the online services I use that have serious security requirements are favouring SMS-based 2FA over just using ID and password as they used to. This can get a bit annoying, but it's obviously more secure than not doing it.
As of today, probably 3/4 or more of the online services I use that have serious security requirements are favouring SMS-based 2FA over just using ID and password as they used to. This can get a bit annoying, but it's obviously more secure than not doing it.