Not only easy to understand but for a while it was the only way to do 2fa that was usable by lots of people. Smartphones aren’t as ubiquitous as people think, even today.
SMS’s fall from grace wasn’t actually that it could be intercepted, it was the fact it started being used as an excuse to ask for a phone number and use that to track people.
Google still won’t allow you to use any form of 2fa if you don’t give them a phone number. Twitch/Amazon too. Facebook used to (until they got Whatsapp, now they don’t need to ask.) LinkedIn used to (until they got broken into so many times it became a humongous liability).
Not only easy to understand but for a while it was the only way to do 2fa that was usable by lots of people. Smartphones aren’t as ubiquitous as people think, even today.
SMS’s fall from grace wasn’t actually that it could be intercepted, it was the fact it started being used as an excuse to ask for a phone number and use that to track people.
Google still won’t allow you to use any form of 2fa if you don’t give them a phone number. Twitch/Amazon too. Facebook used to (until they got Whatsapp, now they don’t need to ask.) LinkedIn used to (until they got broken into so many times it became a humongous liability).