Originally Posted by
The Man in Seat 9A
Yes, I know that my information has been, can be, and will be stolen time and time again without any involvement with me or any of my authentication factors, but I still turn on 2/MFA every chance I get and I vastly prefer authenticator apps and physical tokens to sms codes or challenge questions.
An authenticator app is an improvement over SMS, and a physical token better still. However, keep in mind that the airline industry is intentionally insecure, because there people whose job responsibility consists. almost solely, of managing others' travel plans. And any process that starts online, without an offline interaction of some kind, is never secure -- the "2FA" depends upon their
single-factor identification of you the first time.