On Tue, Feb 26, 2019 at 12:14 AM John Levine <jo...@iecc.com> wrote: > In article <24679.1551146...@turing-police.cc.vt.edu> you write: > >So what registries/registrars are supporting 2FA that's better than SMS? > > Opensrs does TOTP. It's certainly not bulletproof, but it's tied to > your actual phone rather than the phone number. (We careful folk put > our TOTP keys on a couple of our devices in case the phone dies or > gets lost.) It's very easy to implement, it's an IETF open > specification, and there are lots of clients that support it. > > FIDO keys (like Yubikey) also seem OK but I haven't looked at how hard > they are to implement. > > https://twofactorauth.org/#domains gives a good view of the domain management landscape regarding 2FA.
Rubens
