On Tue, Feb 26, 2019 at 12:14 AM John Levine <[email protected]> wrote: > In article <[email protected]> you write: > >So what registries/registrars are supporting 2FA that's better than SMS? > > Opensrs does TOTP. It's certainly not bulletproof, but it's tied to > your actual phone rather than the phone number. (We careful folk put > our TOTP keys on a couple of our devices in case the phone dies or > gets lost.) It's very easy to implement, it's an IETF open > specification, and there are lots of clients that support it. > > FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard > they are to implement. > > https://twofactorauth.org/#domains gives a good view of the domain management landscape regarding 2FA.
Rubens
