As email & SMS have weak security, it should be good to provide the possibility to use 2FA based on something safer.
For example, Amazon.com, and AWS support One Time Password as defined by IETF RFC 62386 & 42267.
This kind of OTP is supported by most modern OS (Android, iOS, MacOS, Windows, Ubuntu…).
Supporting this will allow customer to secure there account.
This is a great suggestion - and a popular one! The idea seems to be getting good traction in this post. Maybe we should concentrate our upvotes on that one to get it nearer the top of the list?
Hello mykaitch, you are totally right! Is there a way to merge our requests ?