DON'T use phone number two factor authentication!

Two factor authentication tied only to a phone number is just garbage.

1. You lose your phone or number your completely fucked.

2. It costs the company that implements it extra money.

3. SMS which it uses is not the most secure.

4. It is sent from a number the user can not recognize or be sure actually belongs to the company.

Companies should just use email tied with their company's domain name after the at sign. It's free and the company can set it up easily with just some server side code.

As an example my ccri email account is saying I have to enter the code it sends me on my cell. MY CELL IS BROKEN!! This is why you can't depend on SMS two factor authentication!!!

POS Microsoft Outlook (ccri email uses) is the only thing that has this issue.