> Having password + SMS OTP is strictly better, regardless of how shitty SMS OTP might be.
Unfortunately one can claim to "forgot my password" and use SMS OTP to reset it. Now it becomes a single factor authentication with a compromised phone.
Password + SMS OTP is strictly worse than a password. At least you cannot SIM swap your password.
Unfortunately one can claim to "forgot my password" and use SMS OTP to reset it. Now it becomes a single factor authentication with a compromised phone.
Password + SMS OTP is strictly worse than a password. At least you cannot SIM swap your password.