When using 2FA or MFA, use app-based authentication when possible

Two-factor authentication (2FA) and multi-factor authentication (MFA) are excellent ways to help protect your online accounts, but they’re not 100% secure. If they know you’re requesting a secondary code, a savvy cybercriminal can potentially intercept and read the associated text message, gaining access to the code and your account. Whenever possible, use app-based authentication with a frequently-changing code that can only be read within the app. Because there’s no text message to intercept, app-based authentication is more secure than receiving a code.